Using Object Detection Network for Malware Detection and Identification in Network Traffic Packets

Abstract

In recent years, the number of exposed vulnerabilities has grown rapidly and more and more attacks occurred to intrude on the target computers using these vulnerabilities such as different malware. Malware detection has attracted more attention and still faces severe challenges. As malware detection based traditional machine learning relies on exports’ experience to design efficient features to distinguish different malware, it causes bottleneck on feature engineer and is also time-consuming to find efficient features. Due to its promising ability in automatically proposing and selecting significant features, deep learning has gradually become a research hotspot. In this paper, aiming to detect the malicious payload and identify their categories with high accuracy, we proposed a packet-based malicious payload detection and identification algorithm based on object detection deep learning network. A dataset of malicious payload on code execution vulnerability has been constructed under the Metasploit framework and used to evaluate the performance of the proposed malware detection and identification algorithm. The experimental results demonstrated that the proposed object detection network can efficiently find and identify malicious payloads with high accuracy.