Static Malware Detection Using Stacked Bi-Directional LSTM

2021-8-19
Demirci, Deniz
The recent proliferation in the use of the Internet and personal computers has made it easier for cybercriminals to expose Internet users to widespread and damaging threats. In order to protect end users against such threats, a security system must be proactive: it needs to detect malicious files or executables before they reach the end user. To create an efficient and low-cost malware detection mechanism, in the present study we propose a stacked bidirectional long short-term memory (Stacked BiLSTM) based deep learning (DL) language model for detecting malicious code. We developed language models using assembly instructions from the .text sections of malicious and benign Portable Executable (PE) files. We created our first dataset from assembly instructions obtained by static analysis of the PE files. The dataset was composed of text documents, and it was used in a Document Level Analysis Model (DLAM). By splitting the first dataset into single instructions, we obtained the second dataset, which was then used in a Sentence Level Analysis Model (SLAM). We treated each instruction as a sentence and each .text section as a document, and labeled each document and sentence with its corresponding malicious or benign tag. The experiments showed that DLAM and SLAM achieved 98.3% and 70.4% F1 scores, respectively.
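The abstract describes building a document-level dataset from the instructions of each .text section and then deriving the sentence-level dataset by splitting those documents into single instructions. The Python below is an added example, not code from the thesis: it parses a constructed objdump-style listing, keeps only the .text section, and emits the two labelled datasets (one DLAM document per file, one SLAM sentence per instruction, each inheriting its document's label). The listing format, the normalisation of immediates and addresses into IMM/ADDR placeholders, and all function names are assumptions of this example and are not stated in the thesis.

```python
"""Build DLAM (document-level) and SLAM (sentence-level) datasets from
disassembly listings.  Added example; the thesis itself does not specify
the listing format or the operand normalisation used here."""
import re
from dataclasses import dataclass

# Constructed samples in objdump-style format (address \t bytes \t instruction).
# Labels are assigned by hand for the example; nothing here is real malware.
BENIGN_LISTING = (
    "Disassembly of section .text:\n"
    "0000000000401000 <main>:\n"
    "  401000:\t55                   \tpush   rbp\n"
    "  401001:\t48 89 e5             \tmov    rbp,rsp\n"
    "  401004:\tb8 00 00 00 00       \tmov    eax,0x0\n"
    "  401009:\t5d                   \tpop    rbp\n"
    "  40100a:\tc3                   \tret\n"
    "Disassembly of section .data:\n"          # must be excluded
    "  402000:\t00 00                \tadd    BYTE PTR [rax],al\n"
)

MALICIOUS_LISTING = (
    "Disassembly of section .text:\n"
    "0000000000401000 <start>:\n"
    "  401000:\te8 0b 00 00 00       \tcall   401010 <decode>\n"
    "  401005:\t31 c0                \txor    eax,eax\n"
    "  401007:\tff d0                \tcall   rax\n"
    "0000000000401010 <decode>:\n"
    "  401010:\t80 34 0f 41          \txor    BYTE PTR [rdi+rcx*1],0x41\n"
    "  401014:\te2 fa                \tloop   401010 <decode>\n"
    "  401016:\tc3                   \tret\n"
)


@dataclass(frozen=True)
class Document:
    label: str                 # "benign" or "malicious"
    sentences: tuple           # one normalised instruction per sentence


def extract_text_instructions(listing: str) -> list[str]:
    """Return the raw instruction strings from the .text section(s) only."""
    in_text = False
    instructions = []
    for line in listing.splitlines():
        header = re.match(r"Disassembly of section (\S+):", line)
        if header:
            in_text = header.group(1) == ".text"
            continue
        if not in_text:
            continue
        parts = line.split("\t")          # address, bytes, instruction
        if len(parts) >= 3 and parts[2].strip():
            instructions.append(parts[2].strip())
    return instructions


def normalise(instr: str) -> str:
    """Assumed preprocessing: drop symbol annotations and abstract away
    literal values so the vocabulary stays small for a language model."""
    instr = re.sub(r"\s*<[^>]*>", "", instr)            # e.g. "<decode>"
    instr = re.sub(r"\b0x[0-9a-f]+\b", "IMM", instr)    # hex immediates
    instr = re.sub(r"\b[0-9a-f]{4,}\b", "ADDR", instr)  # bare call/jump targets
    return " ".join(instr.split())                      # collapse whitespace


def build_dlam(labelled_listings) -> list[Document]:
    """DLAM dataset: one document (whole .text section) per labelled file."""
    return [
        Document(label, tuple(normalise(i) for i in extract_text_instructions(lst)))
        for lst, label in labelled_listings
    ]


def build_slam(documents) -> list[tuple[str, str]]:
    """SLAM dataset: split each document into single instructions, each
    inheriting the label of the document it came from."""
    return [(sentence, doc.label) for doc in documents for sentence in doc.sentences]


if __name__ == "__main__":
    docs = build_dlam([(BENIGN_LISTING, "benign"), (MALICIOUS_LISTING, "malicious")])
    for doc in docs:
        print(doc.label, len(doc.sentences), "instructions:", " | ".join(doc.sentences))
    print("SLAM rows:", len(build_slam(docs)))
```

Note that the sentence-level dataset inherits labels from whole files, so a benign-looking instruction such as `ret` appears under both labels; this label noise is one plausible reason the abstract reports a much lower F1 score for SLAM than for DLAM.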

Suggestions

Static Malware Detection Using Stacked BiLSTM and GPT-2
Demirci, Deniz; Sahin, Nazenin; Sirlancis, Melih; Acartürk, Cengiz (2022-01-01)
In recent years, cyber threats and malicious software attacks have been escalated on various platforms. Therefore, it has become essential to develop automated machine learning methods for defending against malware. In the present study, we propose stacked bidirectional long short-term memory (Stacked BiLSTM) and generative pre-trained transformer based (GPT-2) deep learning language models for detecting malicious code. We developed language models using assembly instructions extracted from .text sections o...
Detection of malicious web pages
Süren, Emre; Özkan Yıldırım, Sevgi; Department of Information Systems (2014)
Cyber-attacks have been shaking the virtual world and malicious web pages have become a major weapon for Internet crimes. They host a number of malicious contents; such as spam, phishing, and drive-by download. Drive-by download technique exploits the victim’s machine and downloads a malware without any notice or consent. After infection, victim’s private data is stolen or encrypted and even worse the compromised machine is instrumented to mount further attacks. To this end, researchers have focused on prot...
Malware Detection Using Transformers-based Model GPT-2
Şahin, Nazenin; Acartürk, Cengiz; Department of Cybersecurity (2021-11-17)
The variety of malicious content, besides its complexity, has significantly impacted end-users of the Information and Communication Technologies (ICT). To mitigate the effect of malicious content, automated machine learning techniques have been developed to proactively defend the user systems against malware. Transformers, a category of attention-based deep learning techniques, have recently been shown to be effective in solving various malware problems by mainly employing Natural Language Processing (NLP) ...
Online DDoS attack detection using Mahalanobis distance and Kernel-based learning algorithm
Cakmakci, Salva Daneshgadeh; Kemmerich, Thomas; Ahmed, Tarem; Baykal, Nazife (Elsevier BV, 2020-10-01)
Distributed denial-of-service (DDoS) attacks are constantly evolving as the computer and networking technologies and attackers' motivations are changing. In recent years, several supervised DDoS detection algorithms have been proposed. However, these algorithms require a priori knowledge of the classes and cannot automatically adapt to frequently changing network traffic trends. This emphasizes the need for the development of new DDoS detection mechanisms that target zero-day and sophisticated DDoS attacks....
Undermining User Privacy on Mobile Devices Using AI
Gulmezoglu, Berk; Zankl, Andreas; Tol, M. Caner; Islam, Saad; Eisenbarth, Thomas; Sunar, Berk (2019-01-01)
Over the past years, literature has shown that attacks exploiting the microarchitecture of modern processors pose a serious threat to user privacy. This is because applications leave distinct footprints in the processor, which malware can use to infer user activities. In this work, we show that these inference attacks can greatly be enhanced with advanced AI techniques. In particular, we focus on profiling the activity in the last-level cache (LLC) of ARM processors. We employ a simple Prime+Probe based mon...
Citation Formats
D. Demirci, “Static Malware Detection Using Stacked Bi-Directional LSTM,” M.S. - Master of Science, Middle East Technical University, 2021.