A deep convolutional neural network stacked ensemble for malware threat classification in internet of things

Naeem, Hamad, Cheng, Xiaochun (ORCID: https://orcid.org/0000-0003-0371-9646), Ullah, Farhan (ORCID: https://orcid.org/0000-0002-1030-1275), Jabbar, Sohail and Dong, Shi (2022) A deep convolutional neural network stacked ensemble for malware threat classification in internet of things. Journal of Circuits, Systems and Computers. ISSN 0218-1266 [Article] (Published online first) (doi:10.1142/s0218126622503029)

Abstract

Malicious attacks on software applications are on the rise as more people use Internet of Things (IoT) devices and high-speed internet. When a software system crash is caused by malicious action, a malware imaging method can examine the application. In this study, we present a novel malware classification method that captures suspected operations in a variety of discrete-size image features, allowing us to identify such IoT device malware families. To decrease deep neural network training time, essential local and global image features are selected using a combined local and global feature descriptor (LBP-GLCM). The classification performance of the proposed deep learning model is improved by combining the predictions of weak learners (CNNs) and using them as knowledge input to a multi-layer perceptron meta learner. This is a neural network ensemble with stacked generalization that is used to improve network generalization ability. The public dataset used for performance evaluation contains 5472 samples from 11 different malware families. In order to compare the proposed methodology to current malware detection systems, we developed a baseline experiment. The proposed approach improved malware classification results to 98.5% accuracy and 98.4% accuracy when using [Formula: see text] and [Formula: see text] image sizes, respectively. Overall, the results showed that the stacked generalization ensemble with multi-step extracting features is a more effective method for classification performance and response time.

Item Type: Article
Keywords (uncontrolled): Cybersecurity, android image, stacked ensemble, malware visualization, threats detection
Research Areas: A. > School of Science and Technology > Computer Science
Item ID: 35500
Depositing User: Jisc Publications Router
Date Deposited: 28 Jul 2022 09:05
Last Modified: 28 Jul 2022 09:05
URI: https://eprints.mdx.ac.uk/id/eprint/35500
