Methods for developing a deep neural network architecture designed to recognize computer viruses
DOI:
https://doi.org/10.18372/2410-7840.20.13074Keywords:
information security, computer virus, neural network model, deep neural network, rarefied autocoderAbstract
The article is devoted to the solution of the problem of improving computer virus recognition systems. Although the antivirus protection systems have been used for several decades, a lot of highly skilled specialists are involved in their development, and a large number of works are devoted to the creation of the appropriate scientific and methodological base, but practical experience and known cases of successful virus attacks on domestic and foreign computer systems and networks point to the presence in modern antivirus detection of serious shortcomings. It is shown that correcting a number of disadvantages is possible by improving the mathematical support of the recognition procedure due to the use of modern neural network models based on deep neural networks. The method of development of the architecture of the deep neural network intended for the recognition of viruses is proposed. In contrast to the existing method, it is possible to avoid during the development of a neural network model of longterm numerical experiments aimed at determining the appropriateness of its application and optimizing its structural parameters. By numerical experiments using Microsoft's computer virus database BIG-2015 published by Microsoft, it is shown that the method allows constructing a neural network model that provides a recognition error that is commensurate with the error of modern computer virus detection systems. It is determined that the prospects for further research are related to the adaptation of the proposed method to the application of deep neural networks in behavioral analyzers.References
А. Артеменко, В. Головко, "Анализ нейросетевых методов распознавания компьютерных вирусов", Молодежный инновационный форум «ИНТРИ», Минск, ГУ «БелИСА», 2010, 239 с.
М. Баклановский А. Ханов, К. Комаров, П. Лозов, "Оценка точности алгоритма распознавания вре-доносных программ на основе поиска аномалий в работе процессов", Научно-технический вестник информационных технологий, механики и оптики, Т. 16., № 5, С. 823-830, 2016.
В. Вишняков, О. Коваль, М. Моздурани, "Использование нейронных сетей для обнаружения и рас-познавания аномалий в корпоративной информационной системе предприятия", Доклады Бело-русского государственного университета информатики и радиоэлектроники, № 4 (98), С. 152-160, 2016.
А. Киселевская, "Глубокие нейронные сети: автоматическое обучение распознаванию вредоносных программам. Генерация и классификация подписей", Молодой учёный, № 47 (181), С. 15-17, 2017.
А. Корченко, И. Терейковский, Н. Карпинский, С. Тынымбаев, Нейросетевые модели, методы и средства оценки параметров безопасности интернет-ориентированных информационных систем, [Монография], Киев, 2016, 275 с.
С. Поликарпов, В. Дергачёв, К. Румянцев, Д. Голубчиков, "Новая модель искусственного нейрона: кибернейрон и области его применения", Известия ЮФУ. Технические науки, № 9 (134), 2012, С. 94-98.
І. Терейковський, "Нейромережевий поведінковий аналізатор антивірусної системи", Захист інформації, № 2, С. 67-70, 2012.
I. Bapiyev, B. Aitchanov, I. Tereikovskyi, L. Tereikovska, A. Korchenko, "Deep neural networks in cyber attack detection systems", International Journal of Civil Engineering and Technology (IJCIET), Volume 8, Issue 11, November 2017, pp. 1086–1092, 2017.
M. Ahmadi, D. Ulyanov, S. Semenov, M. Trofimov, G. Giacinto, "Novel feature extraction, selection and fusion for effective malware family classification", In Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy, CODASPY’16, pp. 183–194, 2016.
F. Asiru Omotayo, Moses T. Dlamini and Jonathan M. Blackledge Asiru, "Application of Artificial Intelligence for Detecting Derived Viruses", 16th European Conference on Cyber Warfare and Security (ECCWS 2017), University College Dublin, Dublin June 29-30, pp. 217-227, 2017.
Himali Jani, Sathvik Shetty, Kiran Bhowmick, "Virus Detection using Artificial Neural Networks", International Journal of Computer Applications, Volume 84, No 5., December 2013, pp. 17-23, 2017.
Downloads
Published
Issue
Section
License
Authors who publish with this journal agree to the following terms:- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
