Authors
I-Hsien Liu1, Cheng-Hsiang Lo1, Ta-Che Liu1, Jung-Shian Li1, *, Chuan-Gang
Liu2, Chu-Fen Li3
1Department of Electrical Engineering/Institute of Computer and Communication
Engineering, National Cheng Kung University, Tainan City 70101, Taiwan
2Department of Applied Informatics and Multimedia, Chia-Nan University
of Pharmacy and Science, Tainan City 71710, Taiwan
3Department of Finance, National Formosa University, Yunlin County 632,
Taiwan
*Corresponding author. Email: [email protected]
Corresponding Author
Jung-Shian Li
Received 22 October 2019, Accepted 24 April 2020, Available Online 2 June
2020.
DOI
https://doi.org/10.2991/jrnal.k.200528.006
Keywords
NIDS; dynamic analysis; deep learning
Abstract
We will display two different kinds of experiments, which are Network-based
Intrusion Detection System (NIDS)-based and dynamic-based analysis shows
how artificial intelligence helps us detecting and classify malware. On
the NID, we use CICIDS2017 as a research dataset, embedding high dimensional
features and find out redundant features in the raw dataset by Random Forest
algorithm, reach 99.93% accuracy and 0.3% of the false alert rate. We extract
the function calls in malware data by the method proposed in this paper
to generate text data. The algorithm n-gram and Term Frequency-Inverse
Document Frequency (TF-IDF) are used to process text data, converts them
into numeric features, and by another feature selection methods, we reduce
the training time, achieve 87.08% accuracy, and save 87.97% training time
in dynamic-based analysis.
Copyright
© 2020 The Authors. Published by ALife Robotics Corp. Ltd.
Open Access
This is an open access article distributed under the CC BY-NC 4.0 license
(http://creativecommons.org/licenses/by-nc/4.0/).