Malware Classification from Memory Dumps Using Machine Learning, Transformers, and Large Language Models
- URL: http://arxiv.org/abs/2503.02144v1
- Date: Tue, 04 Mar 2025 00:24:21 GMT
- Title: Malware Classification from Memory Dumps Using Machine Learning, Transformers, and Large Language Models
- Authors: Areej Dweib, Montaser Tanina, Shehab Alawi, Mohammad Dyab, Huthaifa I. Ashqar
- Abstract summary: This study investigates the performance of various classification models for a malware classification task using different feature sets and data configurations. XGB achieved the highest accuracy of 87.42% using the Top 45 Features, outperforming all other models. Deep learning models underperformed, with RNN achieving 66.71% accuracy and Transformers reaching 71.59%.
- Score: 1.038088229789127
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: This study investigates the performance of various classification models for a malware classification task using different feature sets and data configurations. Six models-Logistic Regression, K-Nearest Neighbors (KNN), Support Vector Machines (SVM), Decision Trees, Random Forest (RF), and Extreme Gradient Boosting (XGB)-were evaluated alongside two deep learning models, Recurrent Neural Networks (RNN) and Transformers, as well as the Gemini zero-shot and few-shot learning methods. Four feature sets were tested including All Features, Literature Review Features, the Top 45 Features from RF, and Down-Sampled with Top 45 Features. XGB achieved the highest accuracy of 87.42% using the Top 45 Features, outperforming all other models. RF followed closely with 87.23% accuracy on the same feature set. In contrast, deep learning models underperformed, with RNN achieving 66.71% accuracy and Transformers reaching 71.59%. Down-sampling reduced performance across all models, with XGB dropping to 81.31%. Gemini zero-shot and few-shot learning approaches showed the lowest performance, with accuracies of 40.65% and 48.65%, respectively. The results highlight the importance of feature selection in improving model performance while reducing computational complexity. Traditional models like XGB and RF demonstrated superior performance, while deep learning and few-shot methods struggled to match their accuracy. This study underscores the effectiveness of traditional machine learning models for structured datasets and provides a foundation for future research into hybrid approaches and larger datasets.
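The winning pipeline described above (rank features with a Random Forest, keep the Top 45, then train a boosted classifier) can be sketched as follows. This is a hedged illustration, not the authors' code: the dataset is synthetic stand-in data rather than the paper's memory-dump features, and scikit-learn's GradientBoostingClassifier is used as a stand-in for XGBoost's XGBClassifier, which would be a drop-in replacement.

```python
# Hypothetical sketch of the paper's best pipeline: Random Forest feature
# ranking -> keep top 45 features -> gradient-boosted classifier.
# Data is synthetic; the paper uses XGBoost (XGBClassifier) instead of
# sklearn's GradientBoostingClassifier used here as a stand-in.
import numpy as np
from sklearn.datasets import make_classification
from sklearn.ensemble import RandomForestClassifier, GradientBoostingClassifier
from sklearn.model_selection import train_test_split
from sklearn.metrics import accuracy_score

# Synthetic stand-in for the memory-dump feature matrix (55 raw features).
X, y = make_classification(n_samples=2000, n_features=55, n_informative=20,
                           n_classes=2, random_state=0)
X_tr, X_te, y_tr, y_te = train_test_split(X, y, test_size=0.25, random_state=0)

# Step 1: rank features by Random Forest importance and keep the top 45.
rf = RandomForestClassifier(n_estimators=200, random_state=0).fit(X_tr, y_tr)
top45 = np.argsort(rf.feature_importances_)[::-1][:45]

# Step 2: train the boosted classifier on the reduced feature set only.
gbm = GradientBoostingClassifier(random_state=0).fit(X_tr[:, top45], y_tr)
acc = accuracy_score(y_te, gbm.predict(X_te[:, top45]))
print(f"accuracy on top-45 features: {acc:.3f}")
```

The same two-step structure applies to any of the six traditional models evaluated; only the step-2 estimator changes.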
Related papers
- Classification of Operational Records in Aviation Using Deep Learning Approaches [0.0]
This study evaluates the performance of four different deep learning models in a classification task involving Commercial, Military, and Private categories. Among the models, BLSTM achieved the highest overall accuracy of 72%, demonstrating superior performance in stability and balanced classification. CNN and sRNN exhibited lower accuracies of 67% and 69%, with significant misclassifications in the Private class.
arXiv Detail & Related papers (2025-01-02T12:12:02Z) - Classifier Enhanced Deep Learning Model for Erythroblast Differentiation with Limited Data [0.08388591755871733]
Hematological disorders, which involve around 1% of medical conditions as well as genetic diseases, present significant diagnostic challenges.
Our approach evaluates various machine learning (ML) models and settings, assessing the efficacy of each.
The proposed solution achieves higher accuracy on small and unique datasets where limited data is available.
arXiv Detail & Related papers (2024-11-23T15:51:15Z) - Building Math Agents with Multi-Turn Iterative Preference Learning [56.71330214021884]
This paper studies the complementary direct preference learning approach to further improve model performance. Existing direct preference learning algorithms were originally designed for the single-turn chat task. We introduce a multi-turn direct preference learning framework tailored for this context.
arXiv Detail & Related papers (2024-09-04T02:41:04Z) - Stacking-Enhanced Bagging Ensemble Learning for Breast Cancer Classification with CNN [0.24578723416255752]
This paper proposes a CNN classification network based on Bagging and stacking ensemble learning methods for breast cancer classification.
The model is capable of fast and accurate classification of input images.
For binary classification (presence or absence of breast cancer), the accuracy reached 98.84%, and for five-class classification, the accuracy reached 98.34%.
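The bagging-plus-stacking combination summarized above can be sketched on tabular data as follows. This is a hedged illustration of the ensemble principle only: simple scikit-learn base learners stand in for the paper's CNN members, and the bundled breast-cancer tabular dataset stands in for the image data.

```python
# Minimal stacking/bagging sketch: bagged trees and an SVM as base learners,
# combined by a logistic-regression meta-learner on out-of-fold predictions.
# Stand-in for the paper's CNN-based ensemble; dataset is tabular, not images.
from sklearn.datasets import load_breast_cancer
from sklearn.ensemble import StackingClassifier, BaggingClassifier
from sklearn.tree import DecisionTreeClassifier
from sklearn.linear_model import LogisticRegression
from sklearn.svm import SVC
from sklearn.model_selection import train_test_split

X, y = load_breast_cancer(return_X_y=True)
X_tr, X_te, y_tr, y_te = train_test_split(X, y, test_size=0.3, random_state=0)

# Bagging reduces the variance of each base learner; stacking then combines
# their predicted probabilities with a meta-learner.
base = [
    ("bag_tree", BaggingClassifier(DecisionTreeClassifier(), n_estimators=25,
                                   random_state=0)),
    ("svc", SVC(probability=True, random_state=0)),
]
stack = StackingClassifier(estimators=base,
                           final_estimator=LogisticRegression(max_iter=1000))
stack.fit(X_tr, y_tr)
print(f"stacked accuracy: {stack.score(X_te, y_te):.3f}")
```

Replacing the base estimators with trained CNN feature extractors recovers the structure the paper describes.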
arXiv Detail & Related papers (2024-07-15T09:44:43Z) - An Evaluation of Machine Learning Approaches for Early Diagnosis of Autism Spectrum Disorder [0.0]
Autistic Spectrum Disorder (ASD) is a neurological disease characterized by difficulties with social interaction, communication, and repetitive activities.
This study employs diverse machine learning methods to identify crucial ASD traits, aiming to enhance and automate the diagnostic process.
arXiv Detail & Related papers (2023-09-20T21:23:37Z) - Robust Learning with Progressive Data Expansion Against Spurious Correlation [65.83104529677234]
We study the learning process of a two-layer nonlinear convolutional neural network in the presence of spurious features.
Our analysis suggests that imbalanced data groups and easily learnable spurious features can lead to the dominance of spurious features during the learning process.
We propose a new training algorithm called PDE that efficiently enhances the model's robustness for a better worst-group performance.
arXiv Detail & Related papers (2023-06-08T05:44:06Z) - Transformer-based approaches to Sentiment Detection [55.41644538483948]
We examined the performance of four different types of state-of-the-art transformer models for text classification.
The RoBERTa transformer model performs best on the test dataset with a score of 82.6% and is highly recommended for quality predictions.
arXiv Detail & Related papers (2023-03-13T17:12:03Z) - Exploration of Various Deep Learning Models for Increased Accuracy in Automatic Polyp Detection [62.997667081978825]
This paper explores the deep learning models and algorithms that result in the highest accuracy in detecting polyps in colonoscopy images.
Previous studies implemented deep learning using convolutional neural networks (CNNs).
arXiv Detail & Related papers (2022-03-04T04:03:41Z) - Sparse MoEs meet Efficient Ensembles [49.313497379189315]
We study the interplay of two popular classes of such models: ensembles of neural networks and sparse mixtures of experts (sparse MoEs).
We present Efficient Ensemble of Experts (E^3), a scalable and simple ensemble of sparse MoEs that takes the best of both classes of models, while using up to 45% fewer FLOPs than a deep ensemble.
arXiv Detail & Related papers (2021-10-07T11:58:35Z) - ANNETTE: Accurate Neural Network Execution Time Estimation with Stacked Models [56.21470608621633]
We propose a time estimation framework to decouple the architectural search from the target hardware.
The proposed methodology extracts a set of models from micro-kernel and multi-layer benchmarks and generates a stacked model for mapping and network execution time estimation.
We compare estimation accuracy and fidelity of the generated mixed models, statistical models with the roofline model, and a refined roofline model for evaluation.
arXiv Detail & Related papers (2021-05-07T11:39:05Z) - Utilizing Ensemble Learning for Performance and Power Modeling and Improvement of Parallel Cancer Deep Learning CANDLE Benchmarks [0.0]
In this paper, we utilize ensemble learning to combine linear, nonlinear, and tree-/rule-based machine learning methods.
We use the datasets collected for two parallel cancer deep learning CANDLE benchmarks, NT3 and P1B2.
We achieve up to 61.15% performance improvement and up to 62.58% energy saving for P1B2 and up to 55.81% performance improvement and up to 52.60% energy saving for NT3 on up to 24,576 cores.
arXiv Detail & Related papers (2020-11-12T21:18:20Z)
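The CANDLE entry above combines linear, nonlinear, and tree-/rule-based learners into a single performance model. A minimal sketch of that idea, assuming a synthetic "runtime" target in place of the real NT3/P1B2 measurements, is:

```python
# Hedged sketch of an ensemble performance model mixing linear, nonlinear,
# and tree-based regressors. The features and runtime target are synthetic
# stand-ins, not the CANDLE benchmark measurements.
import numpy as np
from sklearn.ensemble import VotingRegressor, RandomForestRegressor
from sklearn.linear_model import LinearRegression
from sklearn.neighbors import KNeighborsRegressor

rng = np.random.default_rng(0)
X = rng.uniform(1, 64, size=(300, 2))          # e.g. (core count, batch size)
y = 100.0 / X[:, 0] + 0.5 * X[:, 1] + rng.normal(0, 0.5, 300)  # mock runtime

# Averaging the three model families hedges each one's systematic errors.
ensemble = VotingRegressor([
    ("lin", LinearRegression()),                          # linear
    ("knn", KNeighborsRegressor(5)),                      # nonlinear
    ("rf", RandomForestRegressor(100, random_state=0)),   # tree-based
]).fit(X, y)

pred = ensemble.predict(X[:5])
```

Such a fitted model can then be queried to pick configurations that minimize predicted runtime or energy, which is how the reported performance and energy improvements are obtained.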
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of the listed information and is not responsible for any consequences of its use.