Please use this identifier to cite or link to this item:
|Title:||Deep learning based malware detection using hardware performance counters||Authors:||Quah, Yu Kiat||Keywords:||Engineering::Computer science and engineering::Computing methodologies::Artificial intelligence
Engineering::Computer science and engineering::Computer systems organization::Performance of systems
|Issue Date:||2021||Publisher:||Nanyang Technological University||Source:||Quah, Y. K. (2021). Deep learning based malware detection using hardware performance counters. Final Year Project (FYP), Nanyang Technological University, Singapore. https://hdl.handle.net/10356/148121||Project:||SCSE20-0460||Abstract:||Studies in the past have investigated the feasibility of using HPCs (Hardware Performance Counters) as a metric to differentiate between benignware and malware. A major study titled “Hardware Performance Counters Can Detect Malware: Myth or Fact?” in 2018 concluded by using statistical models like Random Forest and Decision Tree that HPCs are not able to serve as a suitable metric. In the time since that study was published, newer deep learning models and techniques have been created. This paper first attempts to replicate the major study mentioned previously, then further investigate the feasibility of using HPCs as a metric with other models and techniques not used previously. LSTM (Long-Term Short Memory), Dense, and Ensemble models were investigated for their ability to use HPC values as a metric to differentiate between benignware and malware. This paper achieved results of ~80%, ~60%, and ~80% respectively for those models. Thus, this paper, based on the additional experiments done, supports the conclusion that HPCs are unable to reliably differentiate between benignware and malware. However, this paper provides the caveat that more data is needed for more experiments to be done to further support or contradict the conclusion that HPCs are an unsuitable metric. The source code used for this paper will also be made available to serve as an accessible base from which others can continue to build upon.||URI:||https://hdl.handle.net/10356/148121||Schools:||School of Computer Science and Engineering||Fulltext Permission:||restricted||Fulltext Availability:||With Fulltext|
|Appears in Collections:||SCSE Student Reports (FYP/IA/PA/PI)|
Updated on Oct 1, 2023
Updated on Oct 1, 2023
Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.