General Information
    • ISSN: 1793-8201 (Print), 2972-4511 (Online)
    • Abbreviated Title: Int. J. Comput. Theory Eng.
    • Frequency: Quarterly
    • DOI: 10.7763/IJCTE
    • Editor-in-Chief: Prof. Mehmet Sahinoglu
    • Associate Editor-in-Chief: Assoc. Prof. Alberto Arteta, Assoc. Prof. Engin Maşazade
    • Managing Editor: Ms. Cecilia Xie
    • Abstracting/Indexing: Scopus (Since 2022), INSPEC (IET), CNKI,  Google Scholar, EBSCO, etc.
    • Average Days from Submission to Acceptance: 192 days
    • APC: 800 USD
    • E-mail: editor@ijcte.org
    • Journal Metrics:
    • SCImago Journal & Country Rank
Article Metrics in Dimensions

IJCTE 2023 Vol.15(3): 111-116
DOI: 10.7763/IJCTE.2023.V15.1339

Malware Classification Using Low-Level Characteristics

Tuan Van Dao*, Hiroshi Sato, Masao Kubo, and Yasuhiro Nakamura

Manuscript received December 22, 2022; revised January 29, 2023; accepted March 28, 2023.

Abstract—Malware is growing at breakneck speed and has become a global problem. Malware detection has reached a high accuracy level of nearly 100%; however, malware classification is still challenging. Distinguishing and classifying different types of malware from each other is essential to better understanding how they can infect computers and devices, their threat level, and how to protect against them. Traditional malware classification works based on signature and behavior approaches. This approach is fragile in address with polymorphic and metamorphic malware. Moreover, because of the rapid development of several automatic malware creation tools, these methods cannot catch up to the speed of malware generation. Machine learning has handled most of today’s problems with models ranging from simple to complex. Current studies focus on high-level characteristics of malware, which require high computational costs to detect and classify malware via complex neural network architectures, but the performance is still not groundbreaking. On the contrary, low-level characteristics still have much potential but are still not fully exploited. This study takes the advance of ensembling two low-level characteristic sets, including registers and opcodes, and selecting the appropriate features through the selection feature algorithm to increase performance and reduce computational costs. Proposed method outperformed previous works on two different malware data. This paper shows that extraction and selection features are no less critical than it is for architecture development.

Index Terms—Malware classification, opcode, register, machine learning

T. V. Dao, H. Sato, M. Kubo, and Y. Nakamura are with the Graduate School of Science and Engineering, National Defense Academy of Japan, Japan. E-mail: hsato@nda.ac.jp (H.S.), masaok@nda.ac.jp (M.K.), yas@nda.ac.jp (Y.N.).
*Correspondence: ed21006@nda.ac.jp (T.V.D.)

[PDF]

Cite:Tuan Van Dao, Hiroshi Sato, Masao Kubo, and Yasuhiro Nakamura, "Malware Classification Using Low-Level Characteristics," International Journal of Computer Theory and Engineering vol. 15, no. 3, pp. 111-116, 2023.

Copyright © 2023 by the authors. This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).


Copyright © 2008-2024. International Association of Computer Science and Information Technology. All rights reserved.