Malware Family Classification Model Using Convolutional Neural Network

Abstract

Malware is dangerous for system and network users. Malware identification is an essential task in effectively detecting and preventing the computer system from self-infection, protecting it from potential data loss and system compromise. Commonly, there are 25 malware families exist. Traditional malware detection and anti-virus systems fail to classify the new variants of unknown malware into their corresponding families with the development of malicious code engineering, and it is possible to understand the malware variants and their features for new malware samples that carry variability and polymorphism. The detection methods can rarely detect such variants, but it is important in the cybersecurity field to investigate and detect large-scale malware samples more efficiently. In this paper, an accurate malware family classification model using a convolutional neural network technique is proposed. Malware family recognition is formulated as a multi-classification task, and an accurate solution is obtained by training convolutional neural network with images of malware executable files. Ten families of malware have been considered here for building the models. The image dataset with 2000 instances is applied to a convolutional neural network to build the classifier. The experimental results, based on a dataset of ten classes of malware families and 2000 malware images trained model, provide an accuracy of over 95% in discriminating from malware families. The techniques provide better results for classifying malware into families.