Malware Detection Using Deep Learning and Correlation-Based Feature Selection

Esraa Saleh Alomari; Riyadh Rahef Nuiaa; Zaid Abdi Alkareem Alyasseri; Husam Jasim Mohammed; Nor Samsiah Sani; Mohd Isrul Esa; Bashaer Abbuod Musawi

doi:10.3390/sym15010123

Symmetry (Jan 2023)

Malware Detection Using Deep Learning and Correlation-Based Feature Selection

Esraa Saleh Alomari,
Riyadh Rahef Nuiaa,
Zaid Abdi Alkareem Alyasseri,
Husam Jasim Mohammed,
Nor Samsiah Sani,
Mohd Isrul Esa,
Bashaer Abbuod Musawi

Affiliations

Esraa Saleh Alomari: College of Education for Pure Sciences, Wasit University, Al-Kut 52001, Iraq
Riyadh Rahef Nuiaa: College of Education for Pure Sciences, Wasit University, Al-Kut 52001, Iraq
Zaid Abdi Alkareem Alyasseri: Information Technology Research and Development Centre (ITRDC), University of Kufa, Najaf 54001, Iraq
Husam Jasim Mohammed: Department of Business Administration, College of Administration and Financial Sciences, Imam Ja’afar Al-Sadiq University, Baghdad 10001, Iraq
Nor Samsiah Sani: Center for Artificial Intelligence Technology, Faculty of Information Science & Technology, Universiti Kebangsaan Malaysia, Bangi 43600, Malaysia
Mohd Isrul Esa: Center for Artificial Intelligence Technology, Faculty of Information Science & Technology, Universiti Kebangsaan Malaysia, Bangi 43600, Malaysia
Bashaer Abbuod Musawi: Department of Biology, Faculty of Education for Girls, University of Kufa, Najaf 54001, Iraq

DOI: https://doi.org/10.3390/sym15010123
Journal volume & issue: Vol. 15, no. 1
p. 123

Abstract

Read online

Malware is one of the most frequent cyberattacks, with its prevalence growing daily across the network. Malware traffic is always asymmetrical compared to benign traffic, which is always symmetrical. Fortunately, there are many artificial intelligence techniques that can be used to detect malware and distinguish it from normal activities. However, the problem of dealing with large and high-dimensional data has not been addressed enough. In this paper, a high-performance malware detection system using deep learning and feature selection methodologies is introduced. Two different malware datasets are used to detect malware and differentiate it from benign activities. The datasets are preprocessed, and then correlation-based feature selection is applied to produce different feature-selected datasets. The dense and LSTM-based deep learning models are then trained using these different versions of feature-selected datasets. The trained models are then evaluated using many performance metrics (accuracy, precision, recall, and F1-score). The results indicate that some feature-selected scenarios preserve almost the same original dataset performance. The different nature of the used datasets shows different levels of performance changes. For the first dataset, the feature reduction ratios range from 18.18% to 42.42%, with performance degradation of 0.07% to 5.84%, respectively. The second dataset reduction rate is between 81.77% and 93.5%, with performance degradation of 3.79% and 9.44%, respectively.

Published in Symmetry

ISSN: 2073-8994 (Online)
Publisher: MDPI AG
Country of publisher: Switzerland
LCC subjects: Science: Mathematics
Website: http://www.mdpi.com/journal/symmetry/

About the journal

Abstract

Keywords