A deep convolutional neural network stacked ensemble for malware threat classification in internet of things

Naeem, Hamad, Cheng, Xiaochun ORCID: https://orcid.org/0000-0003-0371-9646, Ullah, Farhan ORCID: https://orcid.org/0000-0002-1030-1275, Jabbar, Sohail and Dong, Shi (2022) A deep convolutional neural network stacked ensemble for malware threat classification in internet of things. Journal of Circuits, Systems and Computers, 31 (17) , 2250302. ISSN 0218-1266 [Article] (doi:10.1142/s0218126622503029)

Official URL: https://doi.org/10.1142/s0218126622503029

Abstract

Malicious attacks to software applications are on the rise as more people use Internet of things (IoT) devices and high-speed internet. When a software system crash happens caused by malicious action, a malware imaging method can examine the application. In this study, we present a novel malware classification method that captures suspected operations in a variety of discrete size image features, allowing us to identify such IoT device malware families. To decrease deep neural network training time, essential local and global image features are selected using a combined local and global feature descriptor (LBP-GLCM). The classification performance of the proposed deep learning model is improved by combining the predictions of weak learners (CNNs) and using them as knowledge input to a multi-layer perceptron meta learner. This is a neural network ensemble with stacked generalization that is used to improve network generalization ability. The public dataset used for performance evaluation contains 5472 samples from 11 different malware families. In order to compare the proposed methodology to current malware detection systems, we developed a baseline experiment. The proposed approach improved malware classification results to 98.5% accuracy and 98.4% accuracy when using [Formula: see text] and [Formula: see text] image sizes, respectively. Overall, the results showed that the stacked generalization ensemble with multi-step extracting features is a more effective method for classification performance and response time.

Item Type:	Article
Keywords (uncontrolled):	Cybersecurity, android image, stacked ensemble, malware visualization, threats detection
Research Areas:	A. > School of Science and Technology > Computer Science
Item ID:	35500
Useful Links:	Publisher's T&Cs Publisher Middlesex University Expert Profile
Depositing User:	Jisc Publications Router
Date Deposited:	28 Jul 2022 09:05
Last Modified:	02 Dec 2022 11:56
URI:	https://eprints.mdx.ac.uk/id/eprint/35500

Actions (login required)

View Item

Statistics

DownloadsShow export options

Activity Overview

6 month trend

0Downloads

6 month trend

139Hits

Additional statistics are available via IRStats2.

CORE (COnnecting REpositories)