HMLET: Hunt Malware Using Wavelet Transform on Cross-Platform

Sangmin Park, Sanghoon Jeon, Huy Kang Kim

    Research output: Contribution to journal › Article › peer-review

    1 Citation (Scopus)

    Abstract

    As the importance of cyberspace grows, malicious software (malware) is threatening not only individuals but also countries. In addition, a large amount of malware is still circulating in cyberspace, and as technology advances, new or advanced malware is emerging. In the real world, files from multiple platforms are distributed via e-mail, network-attached storage (NAS), shared drives, etc. However, most malware detection models target only a single platform. Therefore, cross-platform malware detection has a significant and essential role. We propose HMLET, a cross-platform malware detection model. HMLET uses content-based information that all binary files have in common, rather than file structure-based information that is not common to each platform, to detect malware of various file types across platforms. We create file content-based features for malware detection using the wavelet transform. However, it was necessary to fix the input data length when performing the wavelet transform, because the amount of information extracted was not constant across input data lengths. We fix the input data length through the Joint Probability Distribution (JPD) matrix to solve the input data length problem. After training the machine learning model, malware detection performance was evaluated using the extracted features. HMLET showed 97% accuracy on the Windows platform and 99% on the Linux platform. In addition, on the Windows & Linux platform, HMLET showed 97% accuracy. According to the experimental results, HMLET shows high-performance malware detection across platforms, making it suitable for use as a cross-platform malware detection model.

    Original language: English
    Pages (from-to): 124821-124834
    Number of pages: 14
    Journal: IEEE Access
    Volume: 10
    Publication status: Published - 2022

    Bibliographical note

    Publisher Copyright:
    © 2013 IEEE.

    Keywords

    • Detection
    • joint probability distribution matrix
    • machine learning
    • malware
    • signal processing
    • static analysis
    • wavelet transform

    ASJC Scopus subject areas

    • General Engineering
    • General Materials Science
    • General Computer Science
