Implementation of a Siamese Neural Network Architecture and Triplet Loss for Detecting Polymorphic Malware Variants

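Ardiansyah, Irvan Raditya (2026) Implementasi Arsitektur Siamese Neural Network Dan Triplet Loss Untuk Deteksi Varian Malware Polimorfik [Implementation of a Siamese Neural Network Architecture and Triplet Loss for Detecting Polymorphic Malware Variants]. Other thesis, Institut Teknologi Sepuluh Nopember.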


Abstract

The threat of polymorphic malware, which can alter the structure of its binary signature to evade detection, poses a particular challenge for conventional security systems that rely on static hash matching. This research applies a Deep Metric Learning approach based on visual similarity to address that problem. In practice, binary files from the MOTIF (Malware Open-source Threat Intelligence Family) dataset are converted into standardized grayscale images of 128 × 128 pixels. The image data is used to train a Siamese Neural Network (SNN) architecture optimized with a Triplet Loss function and a Batch-Hard Mining strategy to learn distinctive feature representations. The trained model is then integrated into a web-based application. Performance is evaluated through a pairwise verification scenario across varying margin values (α = 0.3, 0.5, 0.7). The experimental results show that a margin of α = 0.7 tends to produce a better balance of evaluation metrics than the other configurations, particularly in F1-Score. In addition, a comparison with VirusTotal indicates that the SNN model can recognize polymorphic variants that antivirus engines failed to detect because of hash mismatches. These results show that the embedding-based approach has the potential to be used as a supporting method to improve detection resilience against cyber threats.

Polymorphic malware poses a significant challenge to conventional security systems due to its ability to alter binary signatures while retaining malicious functionality, causing traditional signature-based detection methods to often encounter difficulties in identifying evolving variants. This research explores a Deep Metric Learning approach based on visual similarity to address this issue. The methodology involves transforming malware binaries from the MOTIF (Malware Open-source Threat Intelligence Family) dataset into standardized 128 × 128 grayscale images. These visual representations are utilized to train a Siamese Neural Network (SNN) architecture, optimized using a Triplet Loss function combined with a Batch-Hard Mining strategy to learn a robust embedding space. The trained model is subsequently implemented into a web-based application for practical analysis. The study evaluates the model’s performance using pairwise verification across different margin configurations (α = 0.3, 0.5, 0.7). Experimental results suggest that a margin of α = 0.7 offers a favorable balance between Precision and Recall, yielding the highest F1-Score among the tested scenarios. Furthermore, comparative validation against the VirusTotal API indicates that the proposed SNN model has the potential to identify polymorphic variants that were not flagged by commercial engines due to hash mismatches. These findings imply that an embedding-based visual approach could serve as a complementary method to enhance the detection of cyber threats alongside traditional systems.
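
The Batch-Hard Mining step named in the abstract, as an added example that is not code from the thesis: for each anchor it picks the farthest same-family embedding and the nearest other-family embedding, then applies the margin α. L2-normalised embeddings, Euclidean distance, and the 2-D sample batch with its family labels are assumptions constructed for illustration.

```python
import math

def l2_normalize(v):
    n = math.sqrt(sum(x * x for x in v)) or 1.0
    return [x / n for x in v]

def euclidean(a, b):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))

def batch_hard_triplet_loss(embeddings, labels, margin):
    """Mean over anchors of max(0, d(a, hardest pos) - d(a, hardest neg) + margin)."""
    emb = [l2_normalize(e) for e in embeddings]  # assumption: unit-norm embeddings
    losses = []
    for i, anchor in enumerate(emb):
        pos = [euclidean(anchor, emb[j]) for j in range(len(emb))
               if labels[j] == labels[i] and j != i]
        neg = [euclidean(anchor, emb[j]) for j in range(len(emb))
               if labels[j] != labels[i]]
        if not pos or not neg:
            continue  # a family with one sample in the batch yields no triplet
        # Hardest positive = farthest same-family sample;
        # hardest negative = nearest sample from any other family.
        losses.append(max(0.0, max(pos) - min(neg) + margin))
    return sum(losses) / len(losses) if losses else 0.0

def constructed_batch():
    """Constructed 2-D embeddings on the unit circle (angles in degrees)."""
    angles = [0, 10, 40, 60, 70, 180]
    labels = ["fam_A", "fam_A", "fam_A", "fam_B", "fam_B", "fam_C"]
    emb = [[math.cos(math.radians(a)), math.sin(math.radians(a))] for a in angles]
    return emb, labels

if __name__ == "__main__":
    emb, labels = constructed_batch()
    for alpha in (0.3, 0.5, 0.7):  # margins evaluated in the abstract
        print(f"alpha={alpha}: loss={batch_hard_triplet_loss(emb, labels, alpha):.4f}")
```

In this constructed batch a larger margin turns more anchors into active triplets: at α = 0.3 only two of the five usable anchors contribute to the loss, while at α = 0.7 all five do.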

Item Type: Thesis (Other)
Uncontrolled Keywords: Malware Detection, Polymorphic Malware, Siamese Neural Network, Deep Metric Learning, Triplet Loss
Subjects: Q Science > QA Mathematics > QA76.87 Neural networks (Computer Science)
Q Science > QA Mathematics > QA76.9.A25 Computer security. Digital forensic. Data encryption (Computer science)
Divisions: Faculty of Science and Data Analytics (SCIENTICS) > Mathematics > 44201-(S1) Undergraduate Thesis
Depositing User: Irvan Raditya Ardiansyah
Date Deposited: 23 Jan 2026 07:19
Last Modified: 23 Jan 2026 07:20
URI: http://repository.its.ac.id/id/eprint/130210
