DLGraph: Malware Detection Using Deep Learning and Graph Embedding

Haodi Jiang, Turki Turki, Jason Wang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Scopus citations

Abstract

In this paper we present a new approach, named DLGraph, for malware detection using deep learning and graph embedding. DLGraph employs two stacked denoising autoencoders (SDAs) for representation learning, taking into consideration computer programs' function-call graphs and Windows application programming interface (API) calls. Given a program, we first use a graph embedding technique that maps the program's function-call graph to a vector in a low-dimensional feature space. One SDA in our deep learning model is used to learn a latent representation of the embedded vector of the function-call graph. The other SDA in our model is used to learn a latent representation of the given program's Windows API calls. The two learned latent representations are then merged to form a combined feature vector. Finally, we use softmax regression to classify the combined feature vector for predicting whether the given program is malware or not. Experimental results based on different datasets demonstrate the effectiveness of the proposed approach and its superiority over a related method.

Original languageEnglish (US)
Title of host publicationProceedings - 17th IEEE International Conference on Machine Learning and Applications, ICMLA 2018
EditorsM. Arif Wani, Moamar Sayed-Mouchaweh, Edwin Lughofer, Joao Gama, Mehmed Kantardzic
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages1029-1033
Number of pages5
ISBN (Electronic)9781538668047
DOIs
StatePublished - Jan 15 2019
Event17th IEEE International Conference on Machine Learning and Applications, ICMLA 2018 - Orlando, United States
Duration: Dec 17 2018Dec 20 2018

Publication series

NameProceedings - 17th IEEE International Conference on Machine Learning and Applications, ICMLA 2018

Conference

Conference17th IEEE International Conference on Machine Learning and Applications, ICMLA 2018
CountryUnited States
CityOrlando
Period12/17/1812/20/18

All Science Journal Classification (ASJC) codes

  • Artificial Intelligence
  • Computer Networks and Communications
  • Computer Science Applications
  • Computer Vision and Pattern Recognition
  • Safety, Risk, Reliability and Quality
  • Signal Processing
  • Decision Sciences (miscellaneous)

Keywords

  • Function-call graphs
  • Malware detection
  • Windows API calls

Fingerprint Dive into the research topics of 'DLGraph: Malware Detection Using Deep Learning and Graph Embedding'. Together they form a unique fingerprint.

Cite this