• Journal of Internet Computing and Services
    ISSN 2287 - 1136 (Online) / ISSN 1598 - 0170 (Print)
    https://jics.or.kr/

A Study on Classification of Variant Malware Family Based on ResNet-Variational AutoEncoder


Young-jeon Lee, Myung-Mook Han, Journal of Internet Computing and Services, Vol. 22, No. 2, pp. 1-9, Apr. 2021
10.7472/jksii.2021.22.2.1, Full Text:
Keywords: Variant Malware, Malware classification, Variational AutoEncoder, Tranfer Learning, Ensemble learning

Abstract

Traditionally, most malicious codes have been analyzed using feature information extracted by domain experts. However, this feature-based analysis method depends on the analyst's capabilities and has limitations in detecting variant malicious codes that have modified existing malicious codes. In this study, we propose a ResNet-Variational AutoEncder-based variant malware classification method that can classify a family of variant malware without domain expert intervention. The Variational AutoEncoder network has the characteristics of creating new data within a normal distribution and understanding the characteristics of the data well in the learning process of training data provided as input values. In this study, important features of malicious code could be extracted by extracting latent variables in the learning process of Variational AutoEncoder. In addition, transfer learning was performed to better learn the characteristics of the training data and increase the efficiency of learning. The learning parameters of the ResNet-152 model pre-trained with the ImageNet Dataset were transferred to the learning parameters of the Encoder Network. The ResNet-Variational AutoEncoder that performed transfer learning showed higher performance than the existing Variational AutoEncoder and provided learning efficiency. Meanwhile, an ensemble model, Stacking Classifier, was used as a method for classifying variant malicious codes. As a result of learning the Stacking Classifier based on the characteristic data of the variant malware extracted by the Encoder Network of the ResNet-VAE model, an accuracy of 98.66% and an F1-Score of 98.68 were obtained.


Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from November 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[APA Style]
Lee, Y. & Han, M. (2021). A Study on Classification of Variant Malware Family Based on ResNet-Variational AutoEncoder. Journal of Internet Computing and Services, 22(2), 1-9. DOI: 10.7472/jksii.2021.22.2.1.

[IEEE Style]
Y. Lee and M. Han, "A Study on Classification of Variant Malware Family Based on ResNet-Variational AutoEncoder," Journal of Internet Computing and Services, vol. 22, no. 2, pp. 1-9, 2021. DOI: 10.7472/jksii.2021.22.2.1.

[ACM Style]
Young-jeon Lee and Myung-Mook Han. 2021. A Study on Classification of Variant Malware Family Based on ResNet-Variational AutoEncoder. Journal of Internet Computing and Services, 22, 2, (2021), 1-9. DOI: 10.7472/jksii.2021.22.2.1.