Neural Networks Optimizations Against Concept and Data Drift in Malware Detection

Add code
Aug 21, 2023
William Maillet, Benjamin Marais
Figure 1 for Neural Networks Optimizations Against Concept and Data Drift in Malware Detection
Figure 2 for Neural Networks Optimizations Against Concept and Data Drift in Malware Detection
Figure 3 for Neural Networks Optimizations Against Concept and Data Drift in Malware Detection
Figure 4 for Neural Networks Optimizations Against Concept and Data Drift in Malware Detection

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

Despite the promising results of machine learning models in malware detection, they face the problem of concept drift due to malware constant evolution. This leads to a decline in performance over time, as the data distribution of the new files differs from the training one, requiring regular model update. In this work, we propose a model-agnostic protocol to improve a baseline neural network to handle with the drift problem. We show the importance of feature reduction and training with the most recent validation set possible, and propose a loss function named Drift-Resilient Binary Cross-Entropy, an improvement to the classical Binary Cross-Entropy more effective against drift. We train our model on the EMBER dataset (2018) and evaluate it on a dataset of recent malicious files, collected between 2020 and 2023. Our improved model shows promising results, detecting 15.2% more malware than a baseline model.

View paper onarxiv icon

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon