Malware Detection On Windows System Via Deep Learning

Windows system,as the most used operating system on the Internet,provides and carries a huge amount of information and services,but the large number of malware attacks under this system has brought serious impact on people’s information life.Traditional malware detection methods are based on a large number of rules and pattern matching,which require a lot of manpower for malware analysis and labeling,and are difficult to detect malware that mutates rapidly due to code obfuscation.To solve this problem,many scholars have introduced artificial intelligence techniques into malware detection research in recent years,saving a large amount of software analysis manpower while allowing these methods to have better generalization capabilities,providing new ideas for detecting increasingly complex malware.In addition,while AI techniques have been applied to malware detection work,some researchers have found that adding specific adversarial perturbations to the malware samples to be detected can make the judgment results of AI detection models wrong,so the robustness of malware detection models also brings new challenges to researchers.The main work of this paper includes.(1)In order to alleviate the need for labeled samples in the process of training malware detection models,this paper proposes a model for malware detection based on pre-trained deep learning,Malbert.The model first uses self-supervised learning to pre-train on a large number of unlabeled software API call sequence samples,and then uses a relatively small number of API call sequence samples with malware and benign labels for supervised fine-tuning training.The experimental results show that the Malbert model based on pre-trained deep learning shows better detection results on two different types of datasets.(2)Malware attacks from any misjudgment of malware detection models are serious and irreversible,so the robustness of detection results is very important.In order to compare the robustness of detection results between different malware detection models,this paper proposes an algorithm to test the robustness of malware detection models,conducting experiments across multiple datasets and multiple evaluation metrics.The final experimental results show that the Malbert model proposed in this paper performs better in robustness testing,and thus the Malbert model has better anti-interference capability and robustness after practical deployment.