Citation
Mustapha, Norwati and Ahmed, Ahmed Firas Shihab and Mohamed, Raihani and Mohd Sani, Nor Fazlida
(2024)
Comparative analysis and how efficient deep learning methods of malware detection.
Journal of Theoretical and Applied Information Technology, 102.
pp. 6888-6904.
ISSN 1992-8645; eISSN: 1817-3195
Abstract
The massive interconnectivity among Internet of Things (IoT) devices has created security challenges in confronting malware attacks. Detecting malware attacks in the IoT environment is a crucial problem, and researchers are challenged to contribute an accurate method for building a protection system that can secure existing applications in the IoT environment. Most current research explores deep learning methods for malware detection. This paper presents a comparative analysis of the performance of opcode-based deep learning methods in detecting malware in IoT. Four deep learning methods, Recurrent Neural Networks (RNN), Long Short-Term Memory (LSTM), Convolutional Neural Networks (CNN), and Gated Recurrent Unit (GRU), are evaluated and compared on accuracy, precision, recall, and F-measure. The study is based on pre-processing and feature selection: outlier values inside opcodes are identified using the Interquartile Range (IQR) technique, and the Recursive Feature Elimination (RFE) method is then applied to determine the important features and suitable hyperparameters in order to reduce memory space. Two datasets are used to evaluate the performance of the deep learning methods. The first dataset is generated by an IoT-based application and has two classes; it is smaller than the second dataset, which comprises nine different classes. The experimental results showed that LSTM outperformed the other methods on performance and reliability measures such as accuracy, precision, recall, and F-measure for both datasets. Moreover, the receiver operating characteristic (ROC) curves and precision-recall (PR) curves confirm that LSTM is the best method to detect malware.
These results will be used as reference results to address the weaknesses of each deep learning method.