Toward Efficient and Robust Deep Learning-based Malware Detection in Fog Computing

Abstract

Machine learning and deep learning have proven to be very useful for malware detection. Due to their ability of data generalization and the usage of past malware data to detect new malware versions, machine and deep learning techniques have been widely used to secure cloud computing. Nonetheless, malware files might be too large to handle by a simple device with a small RAM, especially when the malware detection system is located on fog computing nodes or at the edge of the network where computational resources are limited compared to the cloud. Therefore, new methods for feature reduction should be used. In this paper, we propose an efficient and robust malware detection system that can be deployed in fog computing. We make use of a technique that takes a snapshot of a file and converts it into an image, and propose a new method for feature reduction by reading only a specific number of bytes for each 1 KB of data and splitting an image into chunks, which separates a large file into fixed-size output images. Such methods reduce the usage of RAM drastically, as only a fixed amount of memory is used at a specific time. Additionally, we propose the addition of Poisson noise to the dataset to improve the accuracy of our model when it needs to detect new variations of malware. Our best model achieves an accuracy of 97.2%.