Analyzing CNN Based Behavioural Malware Detection Techniques on Cloud IaaS

• URL: http://arxiv.org/abs/2002.06383v1
• Date: Sat, 15 Feb 2020 14:04:33 GMT
• Title: Analyzing CNN Based Behavioural Malware Detection Techniques on Cloud IaaS
• Authors: Andrew McDole and Mahmoud Abdelsalam and Maanak Gupta and Sudip Mittal
• Abstract summary: Cloud Infrastructure as a Service (I) is vulnerable to malware due to its exposure to external adversaries. This paper analyzes and compares various Convolutional Neural Networks (CNNs) for online detection of malware in cloud I.
• Score: 0.0
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Cloud Infrastructure as a Service (IaaS) is vulnerable to malware due to its exposure to external adversaries, making it a lucrative attack vector for malicious actors. A datacenter infected with malware can cause data loss and/or major disruptions to service for its users. This paper analyzes and compares various Convolutional Neural Networks (CNNs) for online detection of malware in cloud IaaS. The detection is performed based on behavioural data using process level performance metrics including cpu usage, memory usage, disk usage etc. We have used the state of the art DenseNets and ResNets in effectively detecting malware in online cloud system. CNN are designed to extract features from data gathered from a live malware running on a real cloud environment. Experiments are performed on OpenStack (a cloud IaaS software) testbed designed to replicate a typical 3-tier web architecture. Comparative analysis is performed for different metrics for different CNN models used in this research.

Related papers

• Nebula: Self-Attention for Dynamic Malware Analysis [14.710331873072146]
  We introduce Nebula, a versatile, self-attention Transformer-based neural architecture that generalizes across different behavioral representations and formats. We perform experiments on both malware detection and classification tasks, using three datasets acquired from different dynamic analyses platforms. We showcase how self-supervised learning pre-training matches the performance of fully-supervised models with only 20% of training data.
  arXiv  Detail & Related papers  (2023-09-19T09:24:36Z)
• DRSM: De-Randomized Smoothing on Malware Classifier Providing Certified Robustness [58.23214712926585]
  We develop a certified defense, DRSM (De-Randomized Smoothed MalConv), by redesigning the de-randomized smoothing technique for the domain of malware detection. Specifically, we propose a window ablation scheme to provably limit the impact of adversarial bytes while maximally preserving local structures of the executables. We are the first to offer certified robustness in the realm of static detection of malware executables.
  arXiv  Detail & Related papers  (2023-03-20T17:25:22Z)
• New Approach to Malware Detection Using Optimized Convolutional Neural Network [0.0]
  This paper proposes a new convolutional deep learning neural network to accurately and effectively detect malware with high precision. The baseline model initially achieves 98% accurate rate but after increasing the depth of the CNN model, its accuracy reaches 99.183. To further solidify the effectiveness of this CNN model, we use the improved model to make predictions on new malware samples within our dataset.
  arXiv  Detail & Related papers  (2023-01-26T15:06:47Z)
• Unsupervised Point Cloud Representation Learning with Deep Neural Networks: A Survey [104.71816962689296]
  Unsupervised point cloud representation learning has attracted increasing attention due to the constraint in large-scale point cloud labelling. This paper provides a comprehensive review of unsupervised point cloud representation learning using deep neural networks.
  arXiv  Detail & Related papers  (2022-02-28T07:46:05Z)
• A Survey of Machine Learning Algorithms for Detecting Malware in IoT Firmware [0.0]
  This paper employs a number of machine learning algorithms to classify IoT firmware and the best performing models are reported. Deep learning approaches including Convolutional and Fully Connected Neural Networks are also explored.
  arXiv  Detail & Related papers  (2021-11-03T17:55:51Z)
• Analyzing Machine Learning Approaches for Online Malware Detection in Cloud [0.0]
  We present online malware detection based on process level performance metrics and analyze the effectiveness of different machine learning models. Our analysis conclude that neural network models can most accurately detect the malware that have on the process level features of virtual machines in the cloud.
  arXiv  Detail & Related papers  (2021-05-19T17:28:12Z)
• BreakingBED -- Breaking Binary and Efficient Deep Neural Networks by Adversarial Attacks [65.2021953284622]
  We study robustness of CNNs against white-box and black-box adversarial attacks. Results are shown for distilled CNNs, agent-based state-of-the-art pruned models, and binarized neural networks.
  arXiv  Detail & Related papers  (2021-03-14T20:43:19Z)
• Being Single Has Benefits. Instance Poisoning to Deceive Malware Classifiers [47.828297621738265]
  We show how an attacker can launch a sophisticated and efficient poisoning attack targeting the dataset used to train a malware classifier. As opposed to other poisoning attacks in the malware detection domain, our attack does not focus on malware families but rather on specific malware instances that contain an implanted trigger. We propose a comprehensive detection approach that could serve as a future sophisticated defense against this newly discovered severe threat.
  arXiv  Detail & Related papers  (2020-10-30T15:27:44Z)
• Classifying Malware Images with Convolutional Neural Network Models [2.363388546004777]
  In this paper, we use several convolutional neural network (CNN) models for static malware classification. The Inception V3 model achieves a test accuracy of 99.24%, which is better than the accuracy of 98.52% achieved by the current state-of-the-art system.
  arXiv  Detail & Related papers  (2020-10-30T07:39:30Z)
• Detecting malicious PDF using CNN [46.86114958340962]
  Malicious PDF files represent one of the biggest threats to computer security. We propose a novel algorithm that uses an ensemble of Convolutional Neural Network (CNN) on the byte level of the file. We show, using a data set of 90000 files downloadable online, that our approach maintains a high detection rate (94%) of PDF malware.
  arXiv  Detail & Related papers  (2020-07-24T18:27:45Z)
• Dense-Resolution Network for Point Cloud Classification and Segmentation [42.316932316581635]
  DRNet is designed to learn local point features from the point cloud in different resolutions. In addition to validating the network on widely used point cloud segmentation and classification benchmarks, we also test and visualize the performance of the components.
  arXiv  Detail & Related papers  (2020-05-14T06:13:53Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.