Cargando…
Attention-Based Automated Feature Extraction for Malware Analysis
Every day, hundreds of thousands of malicious files are created to exploit zero-day vulnerabilities. Existing pattern-based antivirus solutions face difficulties in coping with such a large number of new malicious files. To solve this problem, artificial intelligence (AI)-based malicious file detect...
| Autores principales: | , , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2020
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7284474/ https://www.ncbi.nlm.nih.gov/pubmed/32443750 http://dx.doi.org/10.3390/s20102893 |
| _version_ | 1783544475390312448 |
|---|---|
| author | Choi, Sunoh Bae, Jangseong Lee, Changki Kim, Youngsoo Kim, Jonghyun |
| author_facet | Choi, Sunoh Bae, Jangseong Lee, Changki Kim, Youngsoo Kim, Jonghyun |
| author_sort | Choi, Sunoh |
| collection | PubMed |
| description | Every day, hundreds of thousands of malicious files are created to exploit zero-day vulnerabilities. Existing pattern-based antivirus solutions face difficulties in coping with such a large number of new malicious files. To solve this problem, artificial intelligence (AI)-based malicious file detection methods have been proposed. However, even if we can detect malicious files with high accuracy using deep learning, it is difficult to identify why files are malicious. In this study, we propose a malicious file feature extraction method based on attention mechanism. First, by adapting the attention mechanism, we can identify application program interface (API) system calls that are more important than others for determining whether a file is malicious. Second, we confirm that this approach yields an accuracy that is approximately 12% and 5% higher than a conventional AI-based detection model using convolutional neural networks and skip-connected long short-term memory-based detection model, respectively. |
| format | Online Article Text |
| id | pubmed-7284474 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2020 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-72844742020-06-15 Attention-Based Automated Feature Extraction for Malware Analysis Choi, Sunoh Bae, Jangseong Lee, Changki Kim, Youngsoo Kim, Jonghyun Sensors (Basel) Article Every day, hundreds of thousands of malicious files are created to exploit zero-day vulnerabilities. Existing pattern-based antivirus solutions face difficulties in coping with such a large number of new malicious files. To solve this problem, artificial intelligence (AI)-based malicious file detection methods have been proposed. However, even if we can detect malicious files with high accuracy using deep learning, it is difficult to identify why files are malicious. In this study, we propose a malicious file feature extraction method based on attention mechanism. First, by adapting the attention mechanism, we can identify application program interface (API) system calls that are more important than others for determining whether a file is malicious. Second, we confirm that this approach yields an accuracy that is approximately 12% and 5% higher than a conventional AI-based detection model using convolutional neural networks and skip-connected long short-term memory-based detection model, respectively. MDPI 2020-05-20 /pmc/articles/PMC7284474/ /pubmed/32443750 http://dx.doi.org/10.3390/s20102893 Text en © 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Choi, Sunoh Bae, Jangseong Lee, Changki Kim, Youngsoo Kim, Jonghyun Attention-Based Automated Feature Extraction for Malware Analysis |
| title | Attention-Based Automated Feature Extraction for Malware Analysis |
| title_full | Attention-Based Automated Feature Extraction for Malware Analysis |
| title_fullStr | Attention-Based Automated Feature Extraction for Malware Analysis |
| title_full_unstemmed | Attention-Based Automated Feature Extraction for Malware Analysis |
| title_short | Attention-Based Automated Feature Extraction for Malware Analysis |
| title_sort | attention-based automated feature extraction for malware analysis |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7284474/ https://www.ncbi.nlm.nih.gov/pubmed/32443750 http://dx.doi.org/10.3390/s20102893 |
| work_keys_str_mv | AT choisunoh attentionbasedautomatedfeatureextractionformalwareanalysis AT baejangseong attentionbasedautomatedfeatureextractionformalwareanalysis AT leechangki attentionbasedautomatedfeatureextractionformalwareanalysis AT kimyoungsoo attentionbasedautomatedfeatureextractionformalwareanalysis AT kimjonghyun attentionbasedautomatedfeatureextractionformalwareanalysis |