Cryptocurrency malware hunting: A deep Recurrent Neural Network approach

Abbas Yazdinejad, Hamed HaddadPajouh, Ali Dehghantanha, Reza M. Parizi, Gautam Srivastava, Mu Yen Chen

Research output: Contribution to journal › Article › peer-review

6 Citations (Scopus)

Abstract

In recent years, cryptocurrency trades have increased dramatically, and this trend has attracted cyber-threat actors to exploit the existing vulnerabilities and infect their targets. The malicious actors use cryptocurrency malware to perform complex computational tasks using infected devices. Since cryptocurrency malware threats perform a legal process, it is a challenging task to detect this type of threat by a manual or heuristic method. In this paper, we propose a novel deep Recurrent Neural Network (RNN) learning model for hunting cryptocurrency malware threats. Specifically, our proposed model utilizes the RNN to analyze Windows applications’ operation codes (Opcodes) as a case study. We collect a real-world dataset that comprises 500 cryptocurrency malware and 200 benign-ware samples. The proposed model is trained with five different Long Short-Term Memory (LSTM) structures and is evaluated by a 10-fold cross-validation (CV) technique. The obtained results prove that a 3-layer configuration model achieves 98% detection accuracy, which is the highest rate among the current configurations. We also applied traditional machine learning (ML) classifiers to show the applicability of deep learners (LSTM) versus traditional models in dealing with cryptocurrency malware.

Original language: English
Article number: 106630
Journal: Applied Soft Computing Journal
Volume: 96
Publication status: Published - 2020 Nov

All Science Journal Classification (ASJC) codes

  • Software
