Malware Detection Using System Logs

Authors: 
Nhu T Nguyen, Thuy T Pham, Tien X Dang, Minh-Son Dao, Duc-Tien Dang-Nguyen, Cathal Gurrin, Binh T Nguyen

Publication Type: 
Edited Conference Meeting Proceeding
Abstract: 
Malware detection is one of the most critical features in many real applications, especially on the mobile platform and in Internet of Things (IoT) technology. Due to the proliferation of mobile devices and the associated app stores, the volume of new applications is growing extremely fast, which requires a better way to analyze all possible malicious behaviors. In this paper, we investigate the malware prediction problem using system log files that contain sequences of system calls recorded from IoT devices. We construct a suitable multi-class classification model using a combination of hand-crafted features (including Bag-of-Ngrams, TF-IDF, and statistical metrics computed from the consecutive repeated system calls in each log file). We also consider different machine learning models, including Random Forest, Support Vector Machines, and Extreme Gradient Boosting, and measure the performance of each method in terms of precision, recall, and F1-score. The experimental results show that a combination of different features, together with the Extreme Gradient Boosting technique, achieves promising performance on the dataset provided by the organizers of the CMDC 2019 competition.
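To make the feature set described above concrete, the following added example (not the paper's code) computes the three hand-crafted feature families over a small constructed corpus of syscall logs; it assumes each log file is a whitespace-separated sequence of syscall names, uses a smoothed IDF, and defines the repeat statistics (run count, longest run, mean run length, fraction of calls repeating their predecessor) as one plausible reading of "consecutive repeated system calls".

```python
import math
from collections import Counter
from itertools import groupby

# Constructed sample corpus: three tiny "log files", each a sequence of
# system-call names. Real logs are far longer; class labels are omitted.
CORPUS = [
    "open read read read write close",
    "open read write close",
    "socket connect send send send send recv close",
]

def bag_of_ngrams(tokens, n_range=(1, 2)):
    """Counts of every syscall n-gram for n in n_range (inclusive)."""
    counts = Counter()
    for n in range(n_range[0], n_range[1] + 1):
        counts.update(" ".join(tokens[i:i + n]) for i in range(len(tokens) - n + 1))
    return counts

def tfidf(corpus, n_range=(1, 2)):
    """Per-log TF-IDF weights over syscall n-grams; tf is relative frequency,
    idf is the smoothed form ln((1 + N) / (1 + df)) + 1."""
    bags = [bag_of_ngrams(doc.split(), n_range) for doc in corpus]
    df = Counter(term for bag in bags for term in bag)
    n_docs = len(bags)
    weights = []
    for bag in bags:
        total = sum(bag.values())
        weights.append({t: (c / total) * (math.log((1 + n_docs) / (1 + df[t])) + 1)
                        for t, c in bag.items()})
    return weights

def repeat_stats(tokens):
    """Statistics of runs of consecutive identical syscalls in one log."""
    runs = [len(list(g)) for _, g in groupby(tokens)]
    repeated = [r for r in runs if r > 1]
    return {
        "rep_runs": len(repeated),                      # number of runs longer than 1
        "rep_max": max(repeated, default=0),            # longest run
        "rep_mean": sum(repeated) / len(repeated) if repeated else 0.0,
        "rep_fraction": sum(r - 1 for r in runs) / len(tokens) if tokens else 0.0,
    }

def feature_rows(corpus, n_range=(1, 2)):
    """One sparse feature dict per log (TF-IDF n-grams plus repeat statistics),
    ready for a dict vectorizer and a tree-ensemble or SVM classifier."""
    rows = []
    for doc, weights in zip(corpus, tfidf(corpus, n_range)):
        row = {"tfidf:" + t: w for t, w in weights.items()}
        row.update(repeat_stats(doc.split()))
        rows.append(row)
    return rows
```

Calling `feature_rows(CORPUS)` yields one dictionary per log; the repeat statistics separate the burst-heavy third log from the second even before any n-gram weight is inspected.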
Conference Name: 
Intelligent Cross-Data Analysis and Retrieval Workshop
Proceedings: 
https://dl.acm.org/doi/abs/10.1145/3379174.3392318
Digital Object Identifier (DOI): 
10.1145/3379174.3392318
Publication Date: 
08/06/2020
Conference Location: 
Ireland
Research Group: 
Institution: 
Dublin City University (DCU)
Open access repository: 
Yes