Welcome to the upgraded BRAC University Institutional Repository. We are currently organizing collections after a recent system upgrade. Homepage category counters may temporarily show lower numbers while syncing, but over 27,000 repository items remain safe and accessible. Please use the search bar to find theses, scholarly outputs, and institutional documents.

MalFam: a comprehensive study on malware families with state-of-the-art CNN architectures with classifications and XAI

Citation

Abstract

Just as the digital transformation of everything in this ‘Information Age’ has acted substantially to mitigate conventional crimes to a degree, the rate of cyber crime has parallelly elevated alarmingly. As malware has been the primary envoy in such criminal incidents, its metamorphosis is highly prevalent. This paper presents a systematic grouping of malware samples into distinct families extracted from two prominent datasets, MalImg and MaleVis through extensive research. Subsequently, six state-of-the-art advanced CNN architectures have been utilized including Inception ResNet V2, DenseNet, VGG16, ResNet50, EfficientNetB0 and XceptionNet. Then a comprehensive analysis of malware classification was conducted as the research aimed to discern the performance variances among these models concerning the classification of diverse malware families. Moreover, eXplainable Artificial Intelligence (XAI) techniques, particularly Local Interpretable Model-agnostic Explanations (LIME) has been introduced, to deduce the rationale behind the classification decisions made by each model. This involved analyzing and visualizing the salient features within the malware files that led to their identification as malicious entities. Lastly, the findings of this study not only provide a comparative evaluation of various deep learning architectures for malware classification but also offer insightful explanations through XAI methodologies, shedding light on the interpretability of model decisions in the realm of cybersecurity. The results furnish valuable insights for enhancing the understanding of malware behaviour and model interpretability, thereby contributing to the advancement of robust and explainable malware detection systems.

Description

Cataloged from PDF version of thesis.
Includes bibliographical references (pages 73-76).
This thesis is submitted in partial fulfillment of the requirements for the degree of Bachelor of Science in Computer Science, 2024.

Publisher Link

Type

Thesis