Z-MDZS: Zero-day Malware Detection using Zero-Shot Machine Learning Schemes

Flaminia Luccio; Riccardo Focardi
In press

Abstract

Zero-day malware is a serious cybersecurity concern since it can evade detection techniques using trained and expert systems. In this paper, we propose Z-MDZS - a scheme to effectively identify zero-day malware using a zero-shot machine learning approach. Our objective is to detect previously unseen malware based on its properties and relationships to known malware variants, by applying zero-shot learning methods. We evaluate the effectiveness of Z-MDZS, using different machine learning methods, including Random Forest, Deep Neural Networks, and Convolutional Neural Networks. Our results demonstrate that even with smaller feature sets, the zero-shot ML strategy yields solid results, particularly when Random Forest is used as the classifier. Furthermore, we discovered that balancing class samples using Generative Adversarial Network greatly increases classifier accuracy, highlighting its significance.
IEEE Consumer Communications & Networking Conference

Use this identifier to cite or link to this document: https://hdl.handle.net/10278/5085607