Institutional Repository [SANDBOX]
Technical University of Crete

Malware detection using machine learning: a double input architecture

Bellonias Panagiotis

URI: http://purl.tuc.gr/dl/dias/EAA789D2-8A85-490D-B404-083B60FDFBB6
Year: 2020
Type of Item: Diploma Work
Bibliographic Citation: Panagiotis Bellonias, "Malware detection using machine learning: a double input architecture", Diploma Work, School of Electrical and Computer Engineering, Technical University of Crete, Chania, Greece, 2020. https://doi.org/10.26233/heallink.tuc.86343

Summary

This dissertation evaluates the effectiveness of a double input machine learning architecture for malware detection. The model developed is compared with two other neural network architectures to highlight its effectiveness: the first takes an image representation of the executable file as input, and the second uses only features from the file's headers. The implemented neural network, which uses both inputs, outperformed both competitors, with an area under the receiver operating characteristic (ROC) curve (AUC) of 0.989. Furthermore, state-of-the-art antivirus products were compared with the proposed architecture, even though the latter was trained on a relatively limited dataset. The proposed neural network ranked third, with a True Positive Rate of 0.972. Complete sources are provided for reproducing the proposed model and the derived results. The importance of large dataset availability in such domains should not be overlooked.
