Abstract:
The internet has made room for a great deal of unwanted activity to propagate through computers. In response, many methods were established to detect whether a given executable is malicious. However, traditional systems still left loopholes for hackers. Some methods use machine learning; others use deep learning. Each method has drawbacks, such as reverse analysis and restricted simulation on different execution paths, as well as long execution time. Some methods cannot generalize well and cannot scale to large amounts of data. Moreover, anti-virus products that rely on signature-based classification have proven insufficient in certain instances, as some malware has been developed so that its signature falls outside the available malware datasets. For this reason, deep learning techniques with different architectures were introduced to select features automatically and to identify and classify malware programs. Specifically, using transfer learning to classify malware binaries has proven to be an improvement on current deep learning methods, which take days to execute. Transfer learning speeds up the process by using far fewer epochs in fitting the models.
Description:
M.S. -- Faculty of Natural and Applied Sciences, Notre Dame University, Louaize, 2021; "A thesis presented in partial fulfillment of the requirements for the Degree of Master of Science in Computer Science"; Includes bibliographical references (pages iii-v).