@article{M6E98531D,
title = "Malware Detection Model with Skip-Connected LSTM RNN",
journal = "Journal of KIISE, JOK",
year = "2018",
issn = "2383-630X",
doi = "10.5626/JOK.2018.45.12.1233",
author = "Jangseong Bae,Changki Lee,Suno Choi,Jonghyun Kim",
keywords = "Skip-Connected LSTM RNN,malware detection,deep-learning",
abstract = "A program can be viewed as a sequence of consecutive Opcodes in which malware is a malicious program. In this paper, we assume that the program is a sequence of Opcodes with semantic information and detect the malware using the Long Short-Term Memory Recurrent Neural Network (LSTM RNN), which is a deep learning model suitable for sequence data modeling. For various experiments, the Opcode sequence is divided into a uni-gram sequence and a tri-gram sequence and used as the input features of the various deep learning models. Several deep learning models use the input Opcodes sequence to determine whether the program is a normal file or malware. We also show that the proposed Skip-Connected LSTM RNN model is superior to the LSTM encoder and the Convolutional Neural Network(CNN) model for malware detection. Experimental results show that the Skip-Connected LSTM RNN model has better performance than the LSTM encoder and CNN model in the Opcode sequence tri-gram data."
}