Prikl. Diskr. Mat., 2021, Number 52, Pages 69–82
Mathematical Backgrounds of Computer Security
Detection of malware using an artificial neural network based on adaptive resonant theory
D. G. Bukhanov, V. M. Polyakov, M. A. Redkina
Belgorod State Technological University named after V. G. Shukhov, Belgorod, Russia
The process of detecting malicious code by anti-virus systems is considered. The main part of this process is the procedure for analyzing a file or process. Artificial neural networks based on the adaptive-resonance theory are proposed to use as a method of analysis. The graph2vec vectorization algorithm is used to represent the analyzed program codes in numerical format. Despite the fact that the use of this vectorization method ignores the semantic relationships between the sequence of executable commands, it allows to reduce the analysis time without significant loss of accuracy. The use of an artificial neural network ART-2m with a hierarchical memory structure made it possible to reduce the classification time for a malicious file. Reducing the classification time allows to set more memory levels and increase the similarity parameter, which leads to an improved classification quality. Experiments show that with this approach to detecting malicious software, similar files can be recognized by both size and behavior.
malware, analysis of portable executable files, control flow graph, vectorization, deobfuscation, artificial neural networks based on adaptive resonance theory, clustering.
PDF file (1133 kB)
D. G. Bukhanov, V. M. Polyakov, M. A. Redkina, “Detection of malware using an artificial neural network based on adaptive resonant theory”, Prikl. Diskr. Mat., 2021, no. 52, 69–82
Citation in format AMSBIB
\by D.~G.~Bukhanov, V.~M.~Polyakov, M.~A.~Redkina
\paper Detection of malware using an artificial neural network based on adaptive resonant theory
\jour Prikl. Diskr. Mat.
Citing articles on Google Scholar:
Related articles on Google Scholar:
|Number of views:|