Methods for developing a deep neural network architecture designed to recognize computer viruses

Authors

  • Ігор Анатолійович Терейковський National Technical University of Ukraine "Kyiv Polytechnic Institute named after Igor Sikorsky"
  • Олег Володимирович Заріцький National Aviation University
  • Людмила Олексіївна Терейковська Kyiv National University of Construction Architecture
  • Володимир Володимирович Погорелов National Aviation University

DOI:

https://doi.org/10.18372/2410-7840.20.13074

Keywords:

information security, computer virus, neural network model, deep neural network, rarefied autocoder

Abstract

The article is devoted to the solution of the problem of improving computer virus recognition systems. Although the antivirus protection systems have been used for several decades, a lot of highly skilled specialists are involved in their development, and a large number of works are devoted to the creation of the appropriate scientific and methodological base, but practical experience and known cases of successful virus attacks on domestic and foreign computer systems and networks point to the presence in modern antivirus detection of serious shortcomings. It is shown that correcting a number of disadvantages is possible by improving the mathematical support of the recognition procedure due to the use of modern neural network models based on deep neural networks. The method of development of the architecture of the deep neural network intended for the recognition of viruses is proposed. In contrast to the existing method, it is possible to avoid during the development of a neural network model of longterm numerical experiments aimed at determining the appropriateness of its application and optimizing its structural parameters. By numerical experiments using Microsoft's computer virus database BIG-2015 published by Microsoft, it is shown that the method allows constructing a neural network model that provides a recognition error that is commensurate with the error of modern computer virus detection systems. It is determined that the prospects for further research are related to the adaptation of the proposed method to the application of deep neural networks in behavioral analyzers.

Author Biographies

Ігор Анатолійович Терейковський, National Technical University of Ukraine "Kyiv Polytechnic Institute named after Igor Sikorsky"

Doctor of Technical Sciences, Associate Professor, Professor of the Department of System Programming and Specialized Computer Systems of the National Technical University of Ukraine "Kyiv Polytechnic Institute named after Igor Sikorsky"

Олег Володимирович Заріцький, National Aviation University

Doctor of Engineering Sciences, Associate Professor of Academic Department of IT-Security, National Aviation University

Людмила Олексіївна Терейковська, Kyiv National University of Construction Architecture

Candidate of Technical Sciences, Associate Professor, Associate Professor of Cyber Security and Computer Engineering at the Kyiv National University of Construction Architecture

Володимир Володимирович Погорелов, National Aviation University

Assistant of Information Security Departments of the National Aviation University

References

А. Артеменко, В. Головко, "Анализ нейросетевых методов распознавания компьютерных вирусов", Молодежный инновационный форум «ИНТРИ», Минск, ГУ «БелИСА», 2010, 239 с.

М. Баклановский А. Ханов, К. Комаров, П. Лозов, "Оценка точности алгоритма распознавания вре-доносных программ на основе поиска аномалий в работе процессов", Научно-технический вестник информационных технологий, механики и оптики, Т. 16., № 5, С. 823-830, 2016.

В. Вишняков, О. Коваль, М. Моздурани, "Использование нейронных сетей для обнаружения и рас-познавания аномалий в корпоративной информационной системе предприятия", Доклады Бело-русского государственного университета информатики и радиоэлектроники, № 4 (98), С. 152-160, 2016.

А. Киселевская, "Глубокие нейронные сети: автоматическое обучение распознаванию вредоносных программам. Генерация и классификация подписей", Молодой учёный, № 47 (181), С. 15-17, 2017.

А. Корченко, И. Терейковский, Н. Карпинский, С. Тынымбаев, Нейросетевые модели, методы и средства оценки параметров безопасности интернет-ориентированных информационных систем, [Монография], Киев, 2016, 275 с.

С. Поликарпов, В. Дергачёв, К. Румянцев, Д. Голубчиков, "Новая модель искусственного нейрона: кибернейрон и области его применения", Известия ЮФУ. Технические науки, № 9 (134), 2012, С. 94-98.

І. Терейковський, "Нейромережевий поведінковий аналізатор антивірусної системи", Захист інформації, № 2, С. 67-70, 2012.

I. Bapiyev, B. Aitchanov, I. Tereikovskyi, L. Tereikovska, A. Korchenko, "Deep neural networks in cyber attack detection systems", International Journal of Civil Engineering and Technology (IJCIET), Volume 8, Issue 11, November 2017, pp. 1086–1092, 2017.

M. Ahmadi, D. Ulyanov, S. Semenov, M. Trofimov, G. Giacinto, "Novel feature extraction, selection and fusion for effective malware family classification", In Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy, CODASPY’16, pp. 183–194, 2016.

F. Asiru Omotayo, Moses T. Dlamini and Jonathan M. Blackledge Asiru, "Application of Artificial Intelligence for Detecting Derived Viruses", 16th European Conference on Cyber Warfare and Security (ECCWS 2017), University College Dublin, Dublin June 29-30, pp. 217-227, 2017.

Himali Jani, Sathvik Shetty, Kiran Bhowmick, "Virus Detection using Artificial Neural Networks", International Journal of Computer Applications, Volume 84, No 5., December 2013, pp. 17-23, 2017.

Published

2018-09-28

Issue

Section

Articles