To keep malware variant detection models up to date, traditional detection methods based on machine (deep) learning combine historical data with incremental data and retrain to update the detection models, which suffers from low training efficiency. Therefore, this paper proposes an incremental learning method based on a neural network smooth aggregation mechanism for malware variant detection, which lets the detection models evolve smoothly. This paper adds a training scale factor to avoid a decline in the accuracy of the incremental model during aggregation caused by a small training scale. The experimental results show that our incremental learning method can improve training efficiency while retaining the accuracy of the detection model, compared with the retraining method.