Deep Learning for Malware Detection and Cyber Threat Prediction
DOI:
https://doi.org/10.15662/IJARCST.2020.0302002
Keywords:
Deep Learning, Malware Detection, Cyber Threat Prediction, Convolutional Neural Networks (CNNs), Recurrent Neural Networks (RNNs), Autoencoders, Anomaly Detection
Abstract
Cyber threats continue to escalate in scale and complexity, necessitating advanced detection techniques. This paper explores the application of deep learning (DL) in malware detection and cyber threat prediction, drawing exclusively from pre-2019 research. We synthesize various model architectures—including Deep Neural Networks (DNNs), Convolutional Neural Networks (CNNs), Recurrent Neural Networks (RNNs), and Autoencoders—and their training on diverse data sources such as bytecodes, API calls, system calls, network traffic logs, and threat intelligence feeds. The study classifies models by input format and learning paradigm, such as supervised classification for malware detection versus sequence or anomaly detection for threat forecasting. We propose a research methodology involving data preprocessing, feature encoding (e.g., opcode sequence embeddings), model training, and evaluation using metrics like accuracy, precision/recall, F1-score, and detection latency. Our review reveals that CNNs applied to binary visual representations and RNNs trained on opcode or API sequences often yield high detection accuracy (frequently exceeding 95%), while Autoencoders and Deep Belief Networks excel in identifying novel threats via anomaly detection. However, challenges include the need for large labeled datasets, high computational cost, overfitting, and sensitivity to evasion tactics. Our workflow details stages—from data collection and feature extraction to model deployment and continuous learning. Key findings emphasize DL’s superior performance over traditional machine learning in detection accuracy and adaptability, though at the cost of interpretability and resource demands. We conclude that deep learning offers transformative potential in cybersecurity, with future research directions including transfer learning, hybrid models combining deep and symbolic reasoning, adversarial robustness, and real-time deployment in resource-constrained environments.
This analysis provides a comprehensive overview of pre-2019 deep learning methods for malware detection and cyber threat prediction, laying groundwork for future innovations.


