CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE, cilt.35, sa.6, ss.1-0, 2023 (SCI-Expanded)
Malicious software forms a threat to many software-intensive systems and as such several malware detection approaches have been introduced, often based on sequential data analysis. Long short-term memory (LSTM) is an artificial recurrent neural network (RNN) architecture that is effective for sequential data analysis, however, no study has yet analyzed the performance of different LSTM architectures for the application of malware detection. In this article, we aim to evaluate and benchmark the performance of LSTM-based malware detection approaches on specific LSTM architectures to provide insight into malware detection. Our method builds LSTM-based malware prediction models and performs experiments using different LSTM architectures including Vanilla LSTM, stacked LSTM, bi-directional LSTM, and CNN-LSTM. We evaluated the performance of each of these architectures and different configurations. Our study, as a contribution, shows that Bidirectional LSTM with hyperparameter optimization is found to be overperforming other selected LSTM architectures. This study shows that different LSTM approaches and architectures are applicable to the malware detection problem. Quality attributes such as efficiency and accuracy, and the software system architecture adopted for the implementation impact the selection of the LSTM approach.