Towards Building an Intelligent Anti-Malware System: A Deep Learning Approach using Support Vector Machine (SVM) for Malware Classification

TL;DR

This paper explores deep learning models combined with SVM for malware classification, demonstrating that the GRU-SVM model achieves approximately 84.92% accuracy on malware family detection using the Malimg dataset.

Contribution

It introduces a novel combination of deep learning architectures with SVM for malware classification and evaluates their effectiveness on a standard dataset.

Findings

GRU-SVM outperforms other models with ~84.92% accuracy

Deep learning models can generalize to detect new malware

The study highlights the potential of DL-SVM hybrid models in anti-malware systems

Abstract

Effective and efficient mitigation of malware is a long-time endeavor in the information security community. The development of an anti-malware system that can counteract an unknown malware is a prolific activity that may benefit several sectors. We envision an intelligent anti-malware system that utilizes the power of deep learning (DL) models. Using such models would enable the detection of newly-released malware through mathematical generalization. That is, finding the relationship between a given malware $x$ and its corresponding malware family $y$, $f: x \mapsto y$. To accomplish this feat, we used the Malimg dataset (Nataraj et al., 2011) which consists of malware images that were processed from malware binaries, and then we trained the following DL models 1 to classify each malware family: CNN-SVM (Tang, 2013), GRU-SVM (Agarap, 2017), and MLP-SVM. Empirical evidence has shown that the GRU-SVM stands out among the DL models with a predictive accuracy of ~84.92%. This stands to reason for the mentioned model had the relatively most sophisticated architecture design among the presented models. The exploration of an even more optimal DL-SVM model is the next stage towards the engineering of an intelligent anti-malware system.