An Empirical Analysis of Image-Based Learning Techniques for Malware Classification

TL;DR

This paper conducts a comprehensive empirical study on image-based deep learning methods for malware classification, comparing various models and features on a large, diverse dataset to establish state-of-the-art results.

Contribution

It introduces a broad comparison of multiple deep learning techniques, including transfer learning with VGG-19 and ResNet152, on a larger and more diverse malware dataset.

Findings

CNN with transfer learning achieves high accuracy

Diverse deep learning models outperform traditional methods

Larger dataset improves model robustness

Abstract

In this paper, we consider malware classification using deep learning techniques and image-based features. We employ a wide variety of deep learning techniques, including multilayer perceptrons (MLP), convolutional neural networks (CNN), long short-term memory (LSTM), and gated recurrent units (GRU). Amongst our CNN experiments, transfer learning plays a prominent role specifically, we test the VGG-19 and ResNet152 models. As compared to previous work, the results presented in this paper are based on a larger and more diverse malware dataset, we consider a wider array of features, and we experiment with a much greater variety of learning techniques. Consequently, our results are the most comprehensive and complete that have yet been published.