Abstract

In recent years, the increasing complexity of malware and the serious threats it poses to system security have left the anti-malware industry and researchers in urgent need of new technologies to improve their ability to prevent malicious attacks. This paper therefore proposes a new malware detection method that describes malware in terms of both content-based and relationship-based features. First, different types of entities (i.e., PE file, API, DLL, Registry, Mutex) and their rich semantic relationships (i.e., PE File-API, PE File-DLL, PE File-Registry, PE File-Mutex, DLL-API) are modeled as a heterogeneous information network (HIN). Based on the constructed meta-path scheme, the metapath2vec embedding model is then used to learn low-dimensional vector representations of the HIN, which capture its structure and semantic relationships. Finally, a Convolutional Neural Network (CNN) is designed to classify the learned HIN representation. The experimental results show that this method achieves 93% accuracy.
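The sketch below is an added illustration, not code from the paper: it builds a small HIN from the entity and relation types listed in the abstract and generates the meta-path-guided random walks that metapath2vec feeds to its skip-gram model. The sample entities and the schemes used (PE-API-PE, PE-DLL-API-DLL-PE) are assumptions, since the abstract does not list the paper's meta-paths.

```python
import random
from collections import defaultdict

# Constructed relations for illustration only; a node is (entity_type, name).
EDGES = [
    (("PE", "a.exe"), ("API", "CreateFileW")),
    (("PE", "a.exe"), ("DLL", "kernel32.dll")),
    (("PE", "a.exe"), ("Mutex", "Global\\m1")),
    (("PE", "b.exe"), ("API", "CreateFileW")),
    (("PE", "b.exe"), ("DLL", "kernel32.dll")),
    (("PE", "b.exe"), ("Registry", "HKCU\\Software\\Run")),
    (("PE", "c.exe"), ("Registry", "HKCU\\Software\\Run")),
    (("DLL", "kernel32.dll"), ("API", "CreateFileW")),
]

def build_hin(edges):
    """Undirected adjacency indexed by node, then by neighbour type."""
    adj = defaultdict(lambda: defaultdict(list))
    for u, v in edges:
        adj[u][v[0]].append(v)
        adj[v][u[0]].append(u)
    return adj

def metapath_walk(adj, start, scheme, length, rng):
    """Random walk that only follows edges matching the meta-path scheme.
    The scheme must be symmetric (first type == last type) so it can repeat."""
    if scheme[0] != scheme[-1] or start[0] != scheme[0]:
        raise ValueError("scheme must be symmetric and match the start type")
    walk, step = [start], 0
    while len(walk) < length:
        step += 1
        next_type = scheme[step % (len(scheme) - 1)]
        candidates = adj[walk[-1]].get(next_type, [])
        if not candidates:  # dead end: no neighbour of the required type
            break
        walk.append(rng.choice(candidates))
    return walk

def corpus(adj, scheme, walks_per_node=2, length=5, seed=0):
    """Node sequences to train a skip-gram embedding on (training not shown)."""
    rng = random.Random(seed)
    starts = sorted(n for n in adj if n[0] == scheme[0])
    return [metapath_walk(adj, s, scheme, length, rng)
            for s in starts for _ in range(walks_per_node)]
```

A PE file with no neighbour of the type the scheme requires (here `c.exe` under PE-API-PE) yields a one-node walk, which is why several schemes are normally combined so that every sample gets context.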
