Papers Papers/2022 Papers Papers/2022



Authors: Antonio Maci ; Giuseppe Urbano and Antonio Coscia

Affiliation: Cybersecurity Laboratory, BV TECH S.p.A., Milan, Italy

Keyword(s): Malware, Application Programming Interface, Imbalanced Data Classification, Deep Reinforcement Learning.

Abstract: Nowadays, defending against malware-induced computer infections represents a key concern for both individuals and companies. Malware detection relies on analyzing the static or dynamic features of a file to determine whether it is malicious or not. In the case of dynamic analysis, the sample behavior is examined by performing a thorough inspection, such as tracking the sequence of functions, also called Application Programming Interfaces (APIs), executed for malicious purposes. Current machine learning paradigms, such as Deep Learning (DL), can be exploited to develop a classifier capable of recognizing different categories of malicious software for each API flow. However, some malware families are less numerous than others, leading to an imbalanced multi-class classification problem. This paper compares Deep Reinforcement Learning (DRL) algorithms that combine Reinforcement Learning (RL) with DL models to deal with class imbalance for API-based malware classification. Our investigat ion involves multiple configurations of Deep Q-Networks (DQNs) with a proper formulation of the Markov Decision Process that supports cost-sensitive learning to reduce bias due to majority class dominance. Among the algorithms compared, the dueling DQN showed promising macro F1 and area under the ROC curve scores in three test scenarios using a popular benchmark API call dataset. (More)


Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Maci, A.; Urbano, G. and Coscia, A. (2024). Deep Q-Networks for Imbalanced Multi-Class Malware Classification. In Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-683-5; ISSN 2184-4356, SciTePress, pages 342-349. DOI: 10.5220/0012303800003648

author={Antonio Maci. and Giuseppe Urbano. and Antonio Coscia.},
title={Deep Q-Networks for Imbalanced Multi-Class Malware Classification},
booktitle={Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP},


JO - Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP
TI - Deep Q-Networks for Imbalanced Multi-Class Malware Classification
SN - 978-989-758-683-5
IS - 2184-4356
AU - Maci, A.
AU - Urbano, G.
AU - Coscia, A.
PY - 2024
SP - 342
EP - 349
DO - 10.5220/0012303800003648
PB - SciTePress