Abstract

In this paper, we suggest an automated malware detection method using a convolutional neural network (CNN) and other machine learning algorithms. Recent malware detection methods have depended on selected packet fields of applications, such as the port number and protocol, which is why those methods are vulnerable to malware with unpredictable port numbers and protocols. The proposed method provides more robust and accurate malware detection, since it uses 35 different features extracted from packet flows instead of the port numbers and protocols. Stratosphere IPS project data were used for evaluation: nine different public malware packet captures and normal-state packets from an uninfected environment were converted to flow data with Netmate, and the 35 features were extracted from the flow data. CNN, multi-layer perceptron (MLP), support vector machine (SVM), and random forest (RF) were applied for classification, which showed >85% accuracy, precision and recall for all classes using CNN and RF.
