A Worm Detection System Based on Deep Learning
| Autor: | Yeshuai Hu, Xinlin Yang, Hong Pan, Hanxun Zhou, Cliff C. Zou, Wei Guo |
|---|---|
| Jazyk: | angličtina |
| Rok vydání: | 2020 |
| Předmět: |
General Computer Science
Computer science Feature extraction Computer Science::Neural and Evolutionary Computation 02 engineering and technology Intrusion detection system worm signature automatic generation computer.software_genre Convolutional neural network worm detection 0202 electrical engineering electronic engineering information engineering General Materials Science Computer Science::Cryptography and Security Quantitative Biology::Biomolecules Artificial neural network business.industry Deep learning General Engineering deep learning 020206 networking & telecommunications Pattern recognition Network security Signature (logic) TK1-9971 Malware 020201 artificial intelligence & image processing Artificial intelligence Data pre-processing Electrical engineering. Electronics. Nuclear engineering business computer |
| Zdroj: | IEEE Access, Vol 8, Pp 205444-205454 (2020) |
| ISSN: | 2169-3536 |
| Popis: | In today’s cyber world, worms pose a great threat to the global network infrastructure. In this paper, we propose a worm detection system based on deep learning. It includes two main modules: one worm detection module based on a convolutional neural network (CNN) and one automatic worm signature generation module based on a deep neural network (DNN). In the CNN-based worm detection module, we propose three kinds of data preprocessing methods: frequency processing, frequency weighted processing, and difference processing, and use CNN to train the model for worm detection. In the DNN-based worm signature generation module, there are two phrase: DNN is firstly utilized for training the model with worm payloads and their corresponding signatures as input in the training phrase. After worm payloads are fed into the trained DNN model in the test phrase, worm signatures are generated by our proposed Signature Beam Search algorithm. In the experiment, we firstly analyzed the impact of different data preprocessing methods and the number of convolution-pooling layers in the CNN model on the worm detection performance. Then we analyzed the effects of different signatures in the DNN algorithm on the automatic generation of worm signatures. Experiments show that the generated signatures have a good detection performance. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|