Open Access

ARTICLE

An LSTM-Based Malware Detection Using Transfer Learning

Zhangjie Fu^1,2,3,*, Yongjie Ding¹, Musaazi Godfrey¹

1 School of Computer and Software, Nanjing University of Information Science and Technology, Nanjing, 210044, China
2 Guangxi Key Laboratory of Cryptography and Information Security, Guilin, 541004, China
3 College of Information Science and Technology, College of Cyber Security, Jinan University, Guangzhou, 510632, China

* Corresponding Author: Zhangjie Fu. Email:

Journal of Cyber Security 2021, 3(1), 11-28. https://doi.org/10.32604/jcs.2021.016632

Received 08 January 2021; Accepted 11 January 2021; Issue published 30 April 2021

Abstract

Mobile malware occupies a considerable proportion of cyberattacks. With the update of mobile device operating systems and the development of software technology, more and more new malware keep appearing. The emergence of new malware makes the identification accuracy of existing methods lower and lower. There is an urgent need for more effective malware detection models. In this paper, we propose a new approach to mobile malware detection that is able to detect newly-emerged malware instances. Firstly, we build and train the LSTM-based model on original benign and malware samples investigated by both static and dynamic analysis techniques. Then, we build a generative adversarial network to generate augmented examples, which can emulate the characteristics of newly-emerged malware. At last, we use the augmented examples to retrain the 4th and 5th layers of the LSTM network and the last fully connected layer so that it can discriminate against newly-emerged malware. Actual experiments show that our malware detection achieved a classification accuracy of 99.94% when tested on augmented samples and 86.5% with the samples of newly-emerged malware on real data.

---

Keywords

---