Comparative analysis and how efficient deep learning methods of malware detection
Due to the massive interconnectivity among Internet devices in the Internet of Things (IoT), this led to security challenges in confronting attacks by malware. Detecting malware attacks in the IoT environment is considered a crucial matter that constitutes a challenge for researchers to contribute a...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Little Lion Scientific R&D
2024
|
| Online Access: | http://psasir.upm.edu.my/id/eprint/119394/ http://psasir.upm.edu.my/id/eprint/119394/1/119394.pdf |
| _version_ | 1848867953023385600 |
|---|---|
| author | Mustapha, Norwati Ahmed, Ahmed Firas Shihab Mohamed, Raihani Mohd Sani, Nor Fazlida |
| author_facet | Mustapha, Norwati Ahmed, Ahmed Firas Shihab Mohamed, Raihani Mohd Sani, Nor Fazlida |
| author_sort | Mustapha, Norwati |
| building | UPM Institutional Repository |
| collection | Online Access |
| description | Due to the massive interconnectivity among Internet devices in the Internet of Things (IoT), this led to security challenges in confronting attacks by malware. Detecting malware attacks in the IoT environment is considered a crucial matter that constitutes a challenge for researchers to contribute an accurate method to build a protection system capable of providing security for existing applications in the IoT environment. Today, most of the current research explores deep-learning methods for malware detection. This paper presents an approach that includes analysis to compare the performance of deep learning methods based on opcode in detecting malware in IoT. Four deep learning methods which include Recurrent Neural Networks (RNN), Long Short-Term Memory (LSTM), Convolutional Neural Networks (CNN), and Gated Recurrent Unit (GRU) are evaluated and compared for accuracy, precision, recall, and F-measure. The idea of this study is based on pre-processing and feature selection by identifying outlier values inside opcodes using the Interquartile range (IQR) technique. Then, the Recursive Feature Elimination (RFE) method has been applied to determine the important features and the suitable hyperparameters to reduce memory space. There are two data sets used in this study to evaluate the performance of the deep learning methods. The first dataset is generated by an IoT-based application with two classes which is considered smaller size than the second dataset which comprises nine different classes. The experimental results showed that the performance of the LSTM method outperformed compared to the other methods which were based on methods for measuring performance and reliability such as accuracy, precision, recall, and F-measure for both data sets. Moreover, used result of receiver operating characteristic (ROC) curves and precision-recall (PR) curves confirm that LSTM is the best method to detect malware. These results will be used as reference results to address the weaknesses of each deep learning method. |
| first_indexed | 2025-11-15T14:44:41Z |
| format | Article |
| id | upm-119394 |
| institution | Universiti Putra Malaysia |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-15T14:44:41Z |
| publishDate | 2024 |
| publisher | Little Lion Scientific R&D |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | upm-1193942025-08-19T02:37:51Z http://psasir.upm.edu.my/id/eprint/119394/ Comparative analysis and how efficient deep learning methods of malware detection Mustapha, Norwati Ahmed, Ahmed Firas Shihab Mohamed, Raihani Mohd Sani, Nor Fazlida Due to the massive interconnectivity among Internet devices in the Internet of Things (IoT), this led to security challenges in confronting attacks by malware. Detecting malware attacks in the IoT environment is considered a crucial matter that constitutes a challenge for researchers to contribute an accurate method to build a protection system capable of providing security for existing applications in the IoT environment. Today, most of the current research explores deep-learning methods for malware detection. This paper presents an approach that includes analysis to compare the performance of deep learning methods based on opcode in detecting malware in IoT. Four deep learning methods which include Recurrent Neural Networks (RNN), Long Short-Term Memory (LSTM), Convolutional Neural Networks (CNN), and Gated Recurrent Unit (GRU) are evaluated and compared for accuracy, precision, recall, and F-measure. The idea of this study is based on pre-processing and feature selection by identifying outlier values inside opcodes using the Interquartile range (IQR) technique. Then, the Recursive Feature Elimination (RFE) method has been applied to determine the important features and the suitable hyperparameters to reduce memory space. There are two data sets used in this study to evaluate the performance of the deep learning methods. The first dataset is generated by an IoT-based application with two classes which is considered smaller size than the second dataset which comprises nine different classes. The experimental results showed that the performance of the LSTM method outperformed compared to the other methods which were based on methods for measuring performance and reliability such as accuracy, precision, recall, and F-measure for both data sets. Moreover, used result of receiver operating characteristic (ROC) curves and precision-recall (PR) curves confirm that LSTM is the best method to detect malware. These results will be used as reference results to address the weaknesses of each deep learning method. Little Lion Scientific R&D 2024 Article PeerReviewed text en http://psasir.upm.edu.my/id/eprint/119394/1/119394.pdf Mustapha, Norwati and Ahmed, Ahmed Firas Shihab and Mohamed, Raihani and Mohd Sani, Nor Fazlida (2024) Comparative analysis and how efficient deep learning methods of malware detection. Journal of Theoretical and Applied Information Technology, 102. pp. 6888-6904. ISSN 1992-8645; eISSN: 1817-3195 https://www.jatit.org/volumes/hundredtwo19.php |
| spellingShingle | Mustapha, Norwati Ahmed, Ahmed Firas Shihab Mohamed, Raihani Mohd Sani, Nor Fazlida Comparative analysis and how efficient deep learning methods of malware detection |
| title | Comparative analysis and how efficient deep learning methods of malware detection |
| title_full | Comparative analysis and how efficient deep learning methods of malware detection |
| title_fullStr | Comparative analysis and how efficient deep learning methods of malware detection |
| title_full_unstemmed | Comparative analysis and how efficient deep learning methods of malware detection |
| title_short | Comparative analysis and how efficient deep learning methods of malware detection |
| title_sort | comparative analysis and how efficient deep learning methods of malware detection |
| url | http://psasir.upm.edu.my/id/eprint/119394/ http://psasir.upm.edu.my/id/eprint/119394/ http://psasir.upm.edu.my/id/eprint/119394/1/119394.pdf |