Malware Classification Using LSTMs

Author

Dennis Dang, San Jose State University

Publication Date

Fall 2020

Degree Type

Master's Project

Degree Name

Master of Science (MS)

Department

Computer Science

First Advisor

Mark Stamp

Second Advisor

Fabio Di Troia

Third Advisor

Thomas Austin

Keywords

Malware Classification, LSTM, biLSTM, CNNs

Abstract

Signature and anomaly based detection have long been quintessential techniques used in malware detection. However, these techniques have become increasingly ineffective as malware becomes more complex. Researchers have therefore turned to deep learning to construct better performing models. In this project, we create four different long-short term memory (LSTM) models and train each model to classify malware by family type. Our data consists of opcodes extracted from malware executables. We employ techniques used in natural language processing (NLP) such as word embedding and bidirection LSTMs (biLSTM). We also use convolutional neural networks (CNN). We found that our model consisting of word embedding, biLSTMs and CNN layers performed the best in classifying malware.

Recommended Citation

Dang, Dennis, "Malware Classification Using LSTMs" (2020). Master's Projects. 963.
DOI: https://doi.org/10.31979/etd.c5r3-dsye
https://scholarworks.sjsu.edu/etd_projects/963