City Research Online

Waste not: using diverse neural networks from hyperparameter search for improved malware detection

Marques, P., Rhode, M. and Gashi, I. ORCID: 0000-0002-8017-3184 (2021). Waste not: using diverse neural networks from hyperparameter search for improved malware detection. Computers & Security, 108, 102339. doi: 10.1016/j.cose.2021.102339

Abstract

Many commercial anti-virus software already usesome form of machine learning to help with detection. How-ever, there has been little research on ways in which multiplealgorithms can be combined to improve malware detection. Thispaper presents an analysis of a dataset of malware and benignsoftware, analysed by diverse recurrent neural networks (RNNs).Our focus is on analysing the possible benefits and/or drawbacksin malware detection from using multiple algorithms in diverseconfigurations. We have analysed the sensitivity, specificity andaccuracy of RNN combinations with up to 10 models percombination, using prediction results from a previous research.Our results show significant gains in malware detection whenusing combinations with 1-out-of-N adjudication schemes (anincrease of 0.28), and likewise gains for specificity in N-out-of-N schemes (an increase of 0.14). We also look at the interplaybetween sensitivity and specificity when putting together systemsthat use a simple majority adjudication scheme (e.g. 3-out-of-5).Additionally, we highlight the major sources of diversity betweenthe various RNN models used, and speculate on the benefitstowards specific types of malware. To the best of our knowledge,similar results on the use of diverse machine learning algorithmsfor malware detection have not been presented in the past.

Publication Type: Article
Additional Information: © 2021. This manuscript version is made available under the CC-BY-NC-ND 4.0 license http://creativecommons.org/licenses/by-nc-nd/4.0/
Publisher Keywords: malware detection; design diversity; diverse machine learning; model diversity; cybersecurity
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Departments: School of Mathematics, Computer Science & Engineering > Computer Science
School of Mathematics, Computer Science & Engineering > Computer Science > Software Reliability
Date available in CRO: 09 Jun 2021 13:32
Date deposited: 9 June 2021
Date of acceptance: 17 May 2021
Date of first online publication: 25 May 2021
URI: https://openaccess.city.ac.uk/id/eprint/26278
[img] Text - Accepted Version
This document is not freely accessible until 25 May 2022 due to copyright restrictions.
Available under License Creative Commons Attribution Non-commercial No Derivatives.

To request a copy, please use the button below.

Request a copy

Export

Downloads

Downloads per month over past year

View more statistics

Actions (login required)

Admin Login Admin Login