Browse by Author "Al-Musawi, Hussein Sadraldeen Hussein"
Item: HYBRID MALWARE DETECTION AND CLASSIFICATION IN REAL-TIME BY DEEP LEARNING TECHNIQUES (2022-08)
Al-Musawi, Hussein Sadraldeen Hussein

Communication between people, the sending of crucial data between them, and the downloading of a great number of programs and files are attractive to cybercriminals. Because cybercriminals are becoming more sophisticated in their methods, there is a need to develop a robust security mechanism against malicious software, which is growing daily and has become riskier and more complex. In this research project, we present two new datasets built from the same samples that we collected. The first is built on visualization (static analysis), whereas the second is built on API call sequences (dynamic analysis), so that malware can be detected by different methods in case it is encrypted or uses obfuscation techniques. In this study, we present different deep learning models that protect against malware by identifying it and categorizing the family to which it belongs. The first dataset, which contains benign and malware images converted from binary numbers, was used with our custom model and three common pretrained CNN models (VGG16, Inception V3, and ResNet50). The second dataset, which contains API call sequences, was used with two RNN algorithms (LSTM and GRU). A CNN was also used with the second dataset, on the API call sequence numbers after reshaping and normalizing them. Finally, we chose the three best models for real-time detection and classification: one CNN using the first dataset, one RNN using the second dataset, and one CNN using the second dataset after normalizing and reshaping it. We selected the best models based on their accuracy, number of parameters, and cost-effectiveness (memory).

Our framework achieved high accuracy in all models, including when tested on examples of malware that belong to the same families but are absent from the dataset that was gathered. They were detected and categorized very accurately and in real time.