Vol.3, No.1, 2021, pp.11-28, doi:10.32604/jcs.2021.016632
OPEN ACCESS
ARTICLE
An LSTM-Based Malware Detection Using Transfer Learning
  • Zhangjie Fu1,2,3,*, Yongjie Ding1, Musaazi Godfrey1
1 School of Computer and Software, Nanjing University of Information Science and Technology, Nanjing, 210044, China
2 Guangxi Key Laboratory of Cryptography and Information Security, Guilin, 541004, China
3 College of Information Science and Technology, College of Cyber Security, Jinan University, Guangzhou, 510632, China
* Corresponding Author: Zhangjie Fu. Email:
Received 08 January 2021; Accepted 11 January 2021; Issue published 30 April 2021
Abstract
Mobile malware occupies a considerable proportion of cyberattacks. With the update of mobile device operating systems and the development of software technology, more and more new malware keep appearing. The emergence of new malware makes the identification accuracy of existing methods lower and lower. There is an urgent need for more effective malware detection models. In this paper, we propose a new approach to mobile malware detection that is able to detect newly-emerged malware instances. Firstly, we build and train the LSTM-based model on original benign and malware samples investigated by both static and dynamic analysis techniques. Then, we build a generative adversarial network to generate augmented examples, which can emulate the characteristics of newly-emerged malware. At last, we use the augmented examples to retrain the 4th and 5th layers of the LSTM network and the last fully connected layer so that it can discriminate against newly-emerged malware. Actual experiments show that our malware detection achieved a classification accuracy of 99.94% when tested on augmented samples and 86.5% with the samples of newly-emerged malware on real data.
Keywords
Malware detection; long short term memory networks; generative adversarial networks; transfer learning; augmented examples
Cite This Article
Z. Fu, Y. Ding and M. Godfrey, "An lstm-based malware detection using transfer learning," Journal of Cyber Security, vol. 3, no.1, pp. 11–28, 2021.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.