Malware Detection in Forensic Memory Dumps: The Use of Deep Meta-Learning Models
| dc.authorid | Yalçın Özkan / 0000-0002-3551-7021 | |
| dc.authorscopusid | Yalçın Özkan / 57205355640 | |
| dc.authorwosid | Yalçın Özkan / JRM-0365-2023 | |
| dc.contributor.author | Özkan, Yalçın | |
| dc.date.accessioned | 2025-04-18T06:43:22Z | |
| dc.date.available | 2025-04-18T06:43:22Z | |
| dc.date.issued | 2 Ocak 2024 | |
| dc.department | İstinye Üniversitesi, İktisadi, İdari ve Sosyal Bilimler Fakültesi, Yönetim Bilişim Sistemleri Bölümü | |
| dc.description.abstract | The present study aimed to design a high-performance deep meta-learning model that could be utilized in classification predictions using forensic memory datasets and propose a framework that would ensure the generalization and consistency of the predictions with the help of this model. To achieve this aim, a dataset containing malware and obtained from forensic memory dumps was addressed. First, it was subjected to the classification process with a deep learning algorithm, and a predictive model was acquired. The predictive model was found to have an accuracy metric of 98.25%. In addition to this finding, a meta-learning model consisting of five different models with the same hyperparameters was created. The accuracy of the obtained meta-model was computed as 97.69%. With the thought that this model would reduce the prediction variance and thus the predictive model could be generalized, it was ensured to be run 5 times in a row. As a result of this process, the prediction variance, indicating a very small change, was calculated as 0.000012. Accordingly, considering the acquired performance value, it can be determined that high performance is achieved in malware detection, and thus what hyperparameters ensure success can be revealed. If deep learning methods are used as a single model, the problem is that the variance between the predictions is large due to its stochastic structure. To avoid such drawbacks, a deep meta-learning model using the same parameters was designed instead of a deep learning model comprising a single model, and considerably smaller variance values were achieved, thus providing generalized and consistent predictions. | |
| dc.identifier.citation | Özkan, Y. (2024). Malware Detection in Forensic Memory Dumps: The Use of Deep Meta-Learning Models. Acta Infologica, 7(1), 165-172. https://doi.org/10.26650/acin.1282824 | |
| dc.identifier.doi | 10.26650/acin.1282824 | |
| dc.identifier.endpage | 172 | |
| dc.identifier.issue | 1 | |
| dc.identifier.startpage | 165 | |
| dc.identifier.trdizinid | 1244054 | |
| dc.identifier.uri | https://doi.org/10.26650/acin.1282824 | |
| dc.identifier.uri | https://dergipark.org.tr/tr/pub/acin/issue/82503/1282824 | |
| dc.identifier.uri | https://hdl.handle.net/20.500.12713/6356 | |
| dc.identifier.volume | 7 | |
| dc.identifier.wos | WOS:001318379200014 | |
| dc.indekslendigikaynak | Web of Science | |
| dc.indekslendigikaynak | TR-Dizin | |
| dc.institutionauthor | Özkan, Yalçın | |
| dc.institutionauthorid | Yalçın Özkan / 0000-0002-3551-7021 | |
| dc.language.iso | en | |
| dc.publisher | İstanbul Üniversitesi | |
| dc.relation.ispartof | ACTA INFOLOGICA | |
| dc.relation.publicationcategory | Makale - Uluslararası Hakemli Dergi - Kurum Öğretim Elemanı | |
| dc.rights | info:eu-repo/semantics/openAccess | |
| dc.subject | Forensic memory | |
| dc.subject | Cyber security | |
| dc.subject | Deep learning | |
| dc.subject | Meta-learning | |
| dc.title | Malware Detection in Forensic Memory Dumps: The Use of Deep Meta-Learning Models | |
| dc.title.alternative | Adli Bellek Dökümlerinde Kötü Amaçlı Yazılım Tespiti: Derin Meta Öğrenme Modellerinin Kullanılması | |
| dc.type | Article |
