Next Article in Journal
Renewal Redundant Systems Under the Marshall–Olkin Failure Model. A Probability Analysis
Previous Article in Journal
Mathematical Models for Stress–Strain Behavior of Nano Magnesia-Cement-Reinforced Seashore Soft Soil
Previous Article in Special Issue
A New Individual-Based Model to Simulate Malware Propagation in Wireless Sensor Networks
Open AccessArticle

FastText-Based Local Feature Visualization Algorithm for Merged Image-Based Malware Classification Framework for Cyber Security and Cyber Defense

Department of Multimedia Engineering, Dongguk University-Seoul, Seoul 04620, Korea
*
Author to whom correspondence should be addressed.
Mathematics 2020, 8(3), 460; https://doi.org/10.3390/math8030460
Received: 18 February 2020 / Revised: 16 March 2020 / Accepted: 18 March 2020 / Published: 24 March 2020
The importance of cybersecurity has recently been increasing. A malware coder writes malware into normal executable files. A computer is more likely to be infected by malware when users have easy access to various executables. Malware is considered as the starting point for cyber-attacks; thus, the timely detection, classification and blocking of malware are important. Malware visualization is a method for detecting or classifying malware. A global image is visualized through binaries extracted from malware. The overall structure and behavior of malware are considered when global images are utilized. However, the visualization of obfuscated malware is tough, owing to the difficulties encountered when extracting local features. This paper proposes a merged image-based malware classification framework that includes local feature visualization, global image-based local feature visualization, and global and local image merging methods. This study introduces a fastText-based local feature visualization method: First, local features such as opcodes and API function names are extracted from the malware; second, important local features in each malware family are selected via the term frequency inverse document frequency algorithm; third, the fastText model embeds the selected local features; finally, the embedded local features are visualized through a normalization process. Malware classification based on the proposed method using the Microsoft Malware Classification Challenge dataset was experimentally verified. The accuracy of the proposed method was approximately 99.65%, which is 2.18% higher than that of another contemporary global image-based approach. View Full-Text
Keywords: cyber security; deep learning; malware classification; malware visualization cyber security; deep learning; malware classification; malware visualization
Show Figures

Figure 1

MDPI and ACS Style

Jang, S.; Li, S.; Sung, Y. FastText-Based Local Feature Visualization Algorithm for Merged Image-Based Malware Classification Framework for Cyber Security and Cyber Defense. Mathematics 2020, 8, 460.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop