TY  - JOUR
T1  - Malware Detection Model with Skip-Connected LSTM RNN
AU  - Bae, Jangseong 
AU  - Lee, Changki 
AU  - Choi, Suno 
AU  - Kim, Jonghyun 
JO  - Journal of KIISE, JOK
PY  - 2018
DA  - 2018/1/14
DO  - 10.5626/JOK.2018.45.12.1233
KW  - Skip-Connected LSTM RNN
KW  - malware detection
KW  - deep-learning
AB  - A program can be viewed as a sequence of consecutive Opcodes in which malware is a malicious program. In this paper, we assume that the program is a sequence of Opcodes with semantic information and detect the malware using the Long Short-Term Memory Recurrent Neural Network (LSTM RNN), which is a deep learning model suitable for sequence data modeling. For various experiments, the Opcode sequence is divided into a uni-gram sequence and a tri-gram sequence and used as the input features of the various deep learning models. Several deep learning models use the input Opcodes sequence to determine whether the program is a normal file or malware. We also show that the proposed Skip-Connected LSTM RNN model is superior to the LSTM encoder and the Convolutional Neural Network(CNN) model for malware detection. Experimental results show that the Skip-Connected LSTM RNN model has better performance than the LSTM encoder and CNN model in the Opcode sequence tri-gram data.