Development of the specialized methodology for virtual machine introspection using deep learning

Abstract

newline Recently, malware attacks are getting harder to detect by traditional methods because they vary too much in the binary content. The VM become vulnerable to these security attacks and degrades the working and performance of the VM. So, in this work, primarily, various ML methods are studied to get an efficient malware detection system. The detection process followed by the machine learning techniques and their advantages and disadvantages is studied there. Additionally, a novel Adversarial based Generative Model with African Buffalo (AGM-AB) framework is designed for VMI to effectively predict and prevent the malware in VM. The method involves preprocessing, feature extraction, feature selection and classification of malware samples. The preprocessing is carried out to remove the noise factor and redundancy from the dataset. And the memory and hypervisor features are extracted in the feature extraction phase, and the feature selection phase eliminates irrelevant attributes present in the extracted group. And in the next step, the classification function was performed to analyze the malware samples. The proposed method also monitors the guest OS, kernel data, and system calls to detect the security attack for the enhanced performance of the VM. Furthermore, the coherence of the researched framework is validated in terms of the performance measurement such as accuracy, TPR, recall, F1-score, precision, error rate and FPR. The experiment is performed, and a comparison is conducted with the existing works to show the effectiveness of the proposed model. newline