Malware detection based on multi‐objective convolution restricted Boltzmann machine model and constraint‐dividing crossover strategy algorithm

Abstract

AbstractMalicious code, which is used to threaten network security, has been improved by many methods and strategies. However, the use of unreasonable deep learning models and single‐objective algorithms often affects the accuracy of data classification. Moreover, as an optimization problem, the existence of low‐quality datasets (imbalanced datasets) constrains the training effect of neural network models. Therefore, it is a big challenge to effectively design data processing methods and suitable training models. To enhance the robustness of the model and obtain better data classification results, it is essential to develop an efficient training model and strategy. To resolve this problem, a novel multi‐objective convolution restricted Boltzmann machine (CRBM) model based on the spatial pyramid pooling strategy is proposed to identify images and classify data in this study. Moreover, a fast nondominated sorting genetic algorithm based on the constraint‐dividing crossover strategy (CDCS‐NSGA‐II) is designed to optimize the imbalance datasets of the malware families. Extensive experimental results show that the multi‐objective CRBM model designed in this study combined with the CDCS‐NSGA‐II algorithm can effectively enhance the learning ability of the dataset, increase the effect of data classification and improve the robustness of the model.