Federation Symposium | 2022
Permanent URI for this collection: https://hdl.handle.net/11274/13620
Browsing Federation Symposium | 2022 by Author "Dongeun Lee"
Automated Profiling-Based Zero-Day Malware Detection (2022)
Kim, Chiho; Sang-Yoon Chang; Jonghyun Kim; Dongeun Lee; Jinoh Kim

(Motivation) The impact of malware attacks has been getting more significant, targeting critical infrastructures as well as commodity computing devices. A body of studies has been carried out for detecting malware with its devastating impacts, but they are often limited to known malware attacks due to the nature of the signature-based and supervised machine learning approaches. (Semi-supervised approach) Semi-supervised learning would be an option, but our preliminary studies suggest two limitations: (i) one class (OC) classifiers can be limited with low detection rates, and (ii) the profiling-based approach (using an autoencoder) often needs an “ideal” threshold setting. (Proposed method) We tackle these challenges by incorporating the concepts of autoencoding and OC classification, to benefit from strong abstractions by autoencoder but to remove the necessity of the complex threshold selection using an OC classifier. (Evaluation) Our experimental results with a recent malware dataset (Meraz’18) show comparable performance to the supervised learning methods, yielding up to 96% accuracy. The proposed method also shows resilience to adversarial attacks, yielding better performance for identifying evading samples than supervised learning methods.