Detection of Malware by Deep Learning as CNN-LSTM Machine Learning Techniques in Real Time
Abstract
1. Introduction
- The main focus of this research study is to use the CNN-LSTM method to detect malware on IoT devices in emerging technology [4].
- The proposed CNN-LSTM method aims to detect malware in real-time.
- The author divided the dataset into two sets: one set, composed of 70% of the data, is used for training, and the second set, representing 30% of the data, is used to test the trained CNN-LSTM model.
- Our deep learning model achieves an accuracy rate of 99% without the use of any complicated feature engineering.
2. Literature Review
3. Research Problem
4. Research Framework
5. Research Methodology
5.1. Dataset
5.2. Features Extraction
5.3. Features Selection
6. Results and Discussion
Limitation
7. Conclusions
Author Contributions
Funding
Data Availability Statement
Conflicts of Interest
Abbreviations
CNN | Convolutional Neural network |
LSTM | Long short-term memory |
IoT | Internet of things |
DBN | Deep Belief Networks |
RNN | Recurrent Neural Network |
FPR | False Positive Rate |
RBM | Restricted Boltzmann Machine |
DT | Decision Tree |
SVM | Support Vector Machine |
References
- Nasiri, E.; Berahmand, K.; Li, Y. Robust graph regularization nonnegative matrix factorization for link prediction in attributed networks. Multimedia Tools Appl. 2022.
- Li, D.; Li, Q.; Ye, Y.; Xu, S. Enhancing robustness of deep neural networks against adversarial malware samples: Principles, framework, and aics’2019 challenge. arXiv 2018, arXiv:1812.08108.
- Berahmand, K.; Nasiri, E.; Forouzandeh, S.; Li, Y. A preference random walk algorithm for link prediction through mutual influence nodes in complex networks. J. King Saud Univ.-Comput. Inf. Sci. 2022, 34, 5375–5387.
- Zamiri, M.; Bahraini, T.; Yazdi, H.S. MVDF-RSC: Multi-view data fusion via robust spectral clustering for geo-tagged image tagging. Expert Syst. Appl. 2021, 173, 114657.
- Aleesa, A.M.; Zaidan, B.B.; Zaidan, A.A.; Sahar, N.M. Review of Intrusion Detection Systems Based on Deep Learning Techniques: Coherent Taxonomy, Challenges, Motivations, Recommendations, Substantial Analysis and Future Directions. Neural Comput. Appl. 2019, 32, 9827–9858.
- Apruzzese, G.; Colajanni, M.; Ferretti, L.; Guido, A.; Marchetti, M. On the effectiveness of machine and deep learning for cyber security. In Proceedings of the 2018 10th International Conference on Cyber Conflict (CyCon), Tallinn, Estonia, 29 May–1 June 2018; pp. 371–390.
- Ferrag, M.A.; Maglaras, L.; Moschoyiannis, S.; Janicke, H. Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study. J. Inf. Secur. Appl. 2020, 50, 102419.
- Wickramasinghe, C.S.; Marino, D.L.; Amarasinghe, K.; Manic, M. Generalization of deep learning for cyber-physical system security: A survey. In Proceedings of the IECON 2018—44th Annual Conference of the IEEE Industrial Electronics Society, Washington, DC, USA, 21–23 October 2018; pp. 745–751.
- Xu, X.; Liu, Q.; Zhang, X.; Zhang, J.; Qi, L.; Dou, W. A blockchain-powered crowdsourcing method with privacy preservation in mobile environment. IEEE Trans. Comput. Soc. Syst. 2019, 6, 1407–1419.
- Vinayakumar, R.; Soman, K.P.; Poornachandran, P. Evaluating effectiveness of shallow and deep networks to intrusion detection system. In Proceedings of the 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI), Udupi, India, 13–16 September 2017; pp. 1282–1289.
- Shone, N.; Ngoc, T.N.; Phai, V.D.; Shi, Q. A deep learning approach to network intrusion detection. IEEE Trans. Emerg. Top. Comput. Intell. 2018, 2, 41–50.
- Feng, Z.; Shuo, C.; Wang, X. Classification for DGA-based malicious domain names with deep learning architectures. Int. J. Intell. Inf. Syst. 2017, 6, 67–71.
- Sahay, S.K.; Sharma, A. Grouping the Executables to Detect Malwares with High Accuracy. Procedia Comput. Sci. 2016, 78, 667–674.
- Kaggle. Microsoft Malware Classification Challenge (BIG 2015). Microsoft. Available online: https://www.kaggle.com/c/malwareclassification (accessed on 10 December 2016).
- Naseer, S.; Saleem, Y.; Khalid, S.; Bashir, M.K.; Han, J.; Iqbal, M.M.; Han, K. Enhanced network anomaly detection based on deep neural networks. IEEE Access 2018, 6, 48231–48246.
- Aftergood, S. Cybersecurity: The cold war online. Nature 2017, 547, 30–31.
- Al-Garadi, M.A.; Mohamed, A.; Al-Ali, A.K.; Du, X.; Ali, I.; Guizani, M. A survey of machine and deep learning methods for internet of things (IoT) security. IEEE Commun. Surv. Tutor. 2018, 22, 1646–1658.
- Feng, T.; Muhammad Shoaib, A.; Zhang, J. The future of Artificial Intelligence in Cybersecurity: A Comprehensive Survey. EAI Endorsed Trans. Creative Technol. 2021, 8, e3.
- Binbusayyis, A.; Vaiyapuri, T. Unsupervised deep learning approach for network intrusion detection combining convolutional autoencoder and one-class SVM. Appl. Intell. 2021, 51, 7094–7108.
- Berman, D.S.; Buczak, A.L.; Chavis, J.S.; Corbett, C.L. A survey of deep learning methods for cyber security. Information 2019, 10, 122.
- Zhang, M.; Xu, B.; Bai, S.; Lu, S.; Lin, Z. A deep learning method to detect web attacks using a specially designed CNN. In Proceedings of the 24th International Conference on Neural Information Processing, Guangzhou, China, 14–18 November 2017; pp. 828–836.
- Wang, W.; Zhu, M.; Zeng, X.; Ye, X.; Sheng, Y. Malware traffic classification using convolutional neural network for representation learning. In Proceedings of the 2017 International Conference on Information Networking, ICOIN, Da Nang, Vietnam, 11–13 January 2017.
- Yang, H.; Wang, F. Wireless network intrusion detection based on improved convolutional neural network. IEEE Access 2019, 7, 64366–64374.
- Pascanu, R.; Stokes, J.W.; Sanossian, H.; Marinescu, M.; Thomas, A. Malware classification with recurrent networks. In Proceedings of the 2015 IEEE International Conference on Acoustics Speech and Signal Processing (ICASSP), South Brisbane, Australia, 19–24 April 2015.
- Tang, D.; Tang, L.; Shi, W.; Zhan, S.; Yang, Q. Mf-cnn: A New Approach for Ldos Attack Detection Based on MultiFeature Fusion and Cnn. Mob. Netw. Appl. 2020, 26, 1705–1722.
- Staudemeyer, R.C. Applying long short-term memory recurrent neural networks to intrusion detection. S. Afr. Comput. J. 2015, 56, 136–154.
- Aygun, R.C.; Yavuz, A.G. Network anomaly detection with stochastically improved autoencoder based models. In Proceedings of the 2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud), New York, NY, USA, 26–28 June 2017; pp. 193–198.
- Gharib, M.; Mohammadi, B.; Dastgerdi, S.H.; Sabokrou, M. Autoids: Auto-encoder based method for intrusion detection system. arXiv 2019, arXiv:1911.03306.
- Baychev, Y.; Bilge, L. Spearphishing malware: Do we really know the unknown? In Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment 15th International Conference, DIMVA 2018, Saclay, France, 28–29 June 2018; pp. 46–66.
- Akhtar, M.S.; Feng, T. A Systemic Security and Privacy Review: Attacks and Prevention Mechanisms over IOT Layers. ICST Trans. Secur. Saf. 2022, 8, e5.
- Zhang, Y.; Chen, X.; Jin, L.; Wang, X.; Guo, D. Network Intrusion Detection: Based on Deep Hierarchical Network and Original Flow Data. IEEE Access 2019, 7, 37004–37016.
- Tavallaee, M.; Bagheri, E.; Lu, W.; Ghorbani, A. A detailed analysis of the KDD CUP 99 data set. In Proceedings of the 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, Ottawa, ON, Canada, 8–10 July 2009; pp. 1–6.
- Jung, J.; Kim, H.; Shin, D.; Lee, M.; Lee, H.; Cho, S.-J.; Suh, K. Android Malware Detection Based on Useful API Calls and Machine Learning. In Proceedings of the 2018 IEEE First International Conference on Artificial Intelligence and Knowledge Engineering (AIKE), Laguna Hills, CA, USA, 26–28 September 2018; pp. 175–178.
- Rana, S.; Gudla, C.; Sung, A.H. Evaluating Machine Learning Models for Android Malware Detection: A Comparison Study. In Proceedings of the 2018 VII International Conference on Network, Communication and Computing (ICNCC 2018), Taipei City, Taiwan, 14–16 December 2018; Association for Computing Machinery: New York, NY, USA; pp. 17–21.
- Rehman, Z.-U.; Khan, S.N.; Muhammad, K.; Lee, J.W.; Lv, Z.; Baik, S.W.; Shah, P.A.; Awan, K.; Mehmood, I. Machine learning-assisted signature and heuristic-based detection of malwares in Android devices. Comput. Electr. Eng. 2018, 69, 828–841.
- Rieck, K.; Holz, T.; Willems, C.; Düssel, P.; Laskov, P. Learning and classification of malware behavior. In Proceedings of the DIMVA 2008: Detection of Intrusions and Malware, and Vulnerability Assessment, 5th International Conference, DIMVA 2008, Paris, France, 10–11 July 2008; Springer: Berlin/Heidelberg, Germany, 2018; pp. 108–125.
- Chen, C.-M.; Wang, S.-H.; Wen, D.-W.; Lai, G.-H.; Sun, M.-K. Applying Convolutional Neural Network for Malware Detection. In Proceedings of the 2019 IEEE 10th International Conference on Awareness Science and Technology (iCAST), Morioka, Japan, 23–25 October 2019; pp. 1–5.
- Akhtar, M.S.; Feng, T. Deep Learning-Based Framework for the Detection of Cyberattack Using Feature Engineering. Secur. Commun. Netw. 2021, 2021, 6129210.
- Akhtar, M.S.; Feng, T. Comparison of Classification Model for the Detection of Cyber-attack using Ensemble Learning Models. EAI Endorsed Scal. Inf. Syst. 2022, 22, e6.
- Luo, S. Android Malware Analysis and Detection Based on Attention-CNN-LSTM. J. Comput. 2019, 31–43.
- Coleman, S.-P.W.; Hwang, Y.-S. Malware Detection by Merging 1D CNN and Bi-directional LSTM Utilizing Sequential Data. In Information Science and Applications; Springer: Berlin/Heidelberg, Germany, 2021.
Method | TPR | FPR | Detection Accuracy |
---|---|---|---|
CNN-LSTM | 1 | 0.0031 | 99% |
DT | 0.99 | 0.0039 | 98% |
SVM | 0.97 | 0.0043 | 95% |
© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Akhtar, M.S.; Feng, T. Detection of Malware by Deep Learning as CNN-LSTM Machine Learning Techniques in Real Time. Symmetry 2022, 14, 2308. https://doi.org/10.3390/sym14112308