Deep Learning Models for Detecting Malware Attacks

Pascal Maniriho, Abdun Naser Mahmood, Mohammad Jabed Morshed Chowdhury

TL;DR

This survey addresses the escalating malware threat by surveying deep learning-based detection techniques across Windows, Linux, and Android. It catalogs DL model categories (from MLPs to GNNs and ensembles), optimization, and regularization strategies, and maps feature extraction approaches to platform-specific malware analysis. It highlights representative works, datasets, and performance ranges, and discusses challenges such as memorization, mobile real-time constraints, adversarial robustness, and Linux coverage. The work provides a comprehensive, cross-platform framework for understanding DL-based malware detection and points to future directions to strengthen practical defenses in diverse environments.

Abstract

Malware is one of the most common and severe cyber-attacks today. Malware infects millions of devices and can perform several malicious activities including mining sensitive data, encrypting data, crippling system performance, and many more. Hence, malware detection is crucial to protect our computers and mobile devices from malware attacks. Deep learning (DL) is one of the emerging and promising technologies for detecting malware. The recent high production of malware variants against desktop and mobile platforms makes DL algorithms powerful approaches for building scalable and advanced malware detection models as they can handle big datasets. This work explores current deep learning technologies for detecting malware attacks on the Windows, Linux, and Android platforms. Specifically, we present different categories of DL algorithms, network optimizers, and regularization methods. Different loss functions, activation functions, and frameworks for implementing DL models are presented. We also present feature extraction approaches and a review of recent DL-based models for detecting malware attacks on the above platforms. Furthermore, this work presents major research issues on malware detection including future directions to further advance knowledge and research in this field.

Paper Structure (42 sections, 7 figures, 5 tables)

This paper contains 42 sections, 7 figures, 5 tables.

Figures (7)

  • Figure 1: Malware development in (a) Windows from 2013 to Feb 2022 [MalwareS17:online] and (b) Android from 2013 to Feb 2022 [MalwareS17:online].
  • Figure 2: An example of (a) A simple architecture of an artificial neural network (b) Illustration of activation operation in artificial neural network using ReLU activation function.
  • Figure 3: Binary classification (a) Linearly separable classes (b) Non-linearly separable classes.
  • Figure 4: Different deep learning technologies presented in this work.
  • Figure 5: A typical architecture of a CNN model with a grayscale input image of size 4 by 4.
  • ...and 2 more figures