A Novel Study on Intelligent Methods and Explainable AI for Dynamic Malware Analysis

TL;DR

This paper explores the use of explainable AI techniques to improve the interpretability and trustworthiness of deep learning models, including MLPs, CNNs, RNNs, and CNN-LSTM, in dynamic malware analysis, especially for detecting Metamorphic Malware.

Contribution

It introduces a comprehensive approach integrating XAI with various deep learning models for malware detection, focusing on less-explored MLPs and enhancing model transparency.

Findings

MLPs effectively detect Metamorphic Malware

XAI techniques improve model interpretability

Deep learning models show high accuracy in malware classification

Abstract

Deep learning models are one of the security strategies, trained on extensive datasets, and play a critical role in detecting and responding to these threats by recognizing complex patterns in malicious code. However, the opaque nature of these models-often described as "black boxes"-makes their decision-making processes difficult to understand, even for their creators. This research addresses these challenges by integrating Explainable AI (XAI) techniques to enhance the interpretability and trustworthiness of malware detection models. In this research, the use of Multi-Layer Perceptrons (MLP) for dynamic malware analysis has been considered, a less explored area, and its efficacy in detecting Metamorphic Malware, and further the effectiveness and transparency of MLPs, CNNs, RNNs, and CNN-LSTM models in malware classification, evaluating these models through the lens of Explainable AI (XAI). This comprehensive approach aims to demystify the internal workings of deep learning models, promoting a better understanding and trust in their predictive capabilities in cybersecurity contexts. Such in-depth analysis and implementation haven't been done to the best of our knowledge.