Malicious code detection based on CNNs and multi-objective algorithm

• Published in: Journal of parallel and distributed computing Vol. 129; pp. 50 - 58
• Main Authors: Cui, Zhihua, Du, Lei, Wang, Penghong, Cai, Xingjuan, Zhang, Wensheng
• Format: Journal Article
• Language: English
• Published: Elsevier Inc 01.07.2019
• Subjects: CNN; Deep learning; Imbalance data; Malicious code; NSGA-II; Deep learning; NSGA-II; CNN; Imbalance data; Malicious code
• ISSN: 0743-7315; 1096-0848
• DOI: 10.1016/j.jpdc.2019.03.010

An increasing amount of malicious code causes harm on the internet by threatening user privacy as one of the primary sources of network security vulnerabilities. The detection of malicious code is becoming increasingly crucial, and current methods of detection require much improvement. This paper proposes a method to advance the detection of malicious code using convolutional neural networks (CNNs) and intelligence algorithm. The CNNs are used to identify and classify grayscale images converted from executable files of malicious code. Non-dominated Sorting Genetic Algorithm II (NSGA-II) is then employed to deal with the data imbalance of malware families. A series of experiments are designed for malware image data from Vision Research Lab. The experimental results demonstrate that the proposed method is effective, maintaining higher accuracy and less loss. •A technique for converting a malware binary to an image was introduced.•In this paper, a method based on CNN is used to identify and classify the malicious codes.•An effective data equilibrium approach based on the NSGA-II was designed.•The proposed method was demonstrated through the extensive experiments.