Abstract
In this paper, we propose a new multi-task, deep learning architecture for malware classification for the binary (i.e. malware versus benign) malware classification task. All models are trained with data extracted from dynamic analysis of malicious and benign files. For the first time, we see improvements using multiple layers in a deep neural network architecture for malware classification. The system is trained on 4.5 million files and tested on a holdout test set of 2 million files which is the largest study to date. To achieve a binary classification error rate of 0.358%, the objective functions for the binary classification task and malware family classification task are combined in the multi-task architecture. In addition, we propose a standard (i.e. non multi-task) malware family classification architecture which also achieves a malware family classification error rate of 2.94%.
Cite
CITATION STYLE
Huang, W., & Stokes, J. W. (2016). MtNet: A multi-task neural network for dynamic malware classification. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9721, pp. 399–418). Springer Verlag. https://doi.org/10.1007/978-3-319-40667-1_20
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
