CNN-LSTM and Transfer Learning Models for Malware Classification based on Opcodes and API Calls

arXiv:2405.02548v1 Announce Type: new
Abstract: In this paper, we propose a novel model for a malware classification system based on Application Programming Interface (API) calls and opcodes, to improve classification accuracy. This system uses a novel design of combined Convolutional Neural Network and Long Short-Term Memory. We extract opcode sequences and API Calls from Windows malware samples for classification. We transform these features into N-grams (N = 2, 3, and 10)-gram sequences. Our experiments on a dataset of 9,749,57 samples …

accuracy api application application programming interface arxiv classification cnn cs.ai cs.cr cs.lg design interface malware malware classification memory network neural network novel programming system transfer