Generative adversarial network for global image-based local image to improve Malware classification using convolutional neural network

Sejun Jang, Shuyu Li, Yunsick Sung

Research output: Contribution to journalArticlepeer-review

8 Scopus citations

Abstract

Malware detection and classification methods are being actively developed to protect personal information from hackers. Global images of malware (in a program that includes personal information) can be utilized to detect or classify it. This method is efficient, given that small changes in the program can be detected while maintaining the overall structure of the program. However, if any obfuscation approach that encrypts malware code is implemented, it becomes difficult to extract features such as opcodes and application programming interface functions. Given that malware detection and classification are performed differently depending on whether malware is obfuscated or not, methods that can simultaneously detect and classify general and obfuscated malware are required. This paper proposes a method that uses a generative adversarial network (GAN) and global image-based local image to classify unobfuscated and obfuscated malware. Global and local images of unobfuscated malware are generated using pixel and local feature visualizers. The GAN is utilized to visualize local features and generate local images of obfuscated malware by learning global and local images of unobfuscated malware. The local image of unobfuscated malware is merged with the global image generated via the pixel visualizer. To merge the global and local images of unobfuscated and obfuscated malware, the pixels extracted from global and local images are stored in a two-dimensional array, and then merged images are generated. Finally, unobfuscated and obfuscated malware are classified using a convolutional neural network (CNN). The results of experiments conducted on the Microsoft Malware Classification Challenge (BIG 2015) dataset indicate that the proposed method has a malware classification accuracy of 99.65%, which is 2.18% higher than that of the malware classification approach based on only global images and local features.

Original languageEnglish
Article number7585
Pages (from-to)1-14
Number of pages14
JournalApplied Sciences (Switzerland)
Volume10
Issue number21
DOIs
StatePublished - 1 Nov 2020

Keywords

  • Artificial intelligence
  • Cybersecurity
  • Information security
  • Malware classification
  • Malware visualization

Fingerprint

Dive into the research topics of 'Generative adversarial network for global image-based local image to improve Malware classification using convolutional neural network'. Together they form a unique fingerprint.

Cite this