Empowering convolutional networks for malware classification and analysis
作者: Bojan Kolosnjaji , Ghadir Eraisha , George Webster , Apostolis Zarras , Claudia Eckert
DOI: 10.1109/IJCNN.2017.7966340
关键词:
摘要: Performing large-scale malware classification is increasingly becoming a critical step in analytics as the number and variety of samples rapidly growing. Statistical machine learning constitutes an appealing method to cope with this increase it can use mathematical tools extract information out datasets produce interpretable models. This has motivated surge scientific work developing methods for detection malicious executables. However, optimal extracting most informative features different families, final goal classification, yet be found. Fortunately, neural networks have evolved state that they surpass limitations other terms hierarchical feature extraction. Consequently, now offer superior accuracy many domains such computer vision natural language processing. In paper, we transfer performance improvements achieved area model execution sequences disassembled binaries. We implement network consists convolutional feedforward constructs. architecture embodies extraction approach combines convolution n-grams instructions plain vectorization derived from headers Portable Executable (PE) files. Our evaluation results demonstrate our outperforms baseline methods, simple Feedforward Neural Networks Support Vector Machines, achieve 93% on precision recall, even case obfuscations data.
narcis.nl参考文章(20)
Aziz Mohaisen, Omar Alrawi, AV-Meter: An Evaluation of Antivirus Scans and Labels international conference on detection of intrusions and malware, and vulnerability assessment. pp. 112- 131 ,(2014) , 10.1007/978-3-319-08509-8_7
Yoshua Bengio, Xavier Glorot, Understanding the difficulty of training deep feedforward neural networks international conference on artificial intelligence and statistics. pp. 249- 256 ,(2010)
Yoshua Bengio, Yoshua Bengio, Yoshua Bengio, Yann LeCun, Convolutional networks for images, speech, and time series The handbook of brain theory and neural networks. pp. 255- 258 ,(1998)
Razvan Pascanu, Jack W. Stokes, Hermineh Sanossian, Mady Marinescu, Anil Thomas, Malware classification with recurrent networks international conference on acoustics, speech, and signal processing. pp. 1916- 1920 ,(2015) , 10.1109/ICASSP.2015.7178304
Hans-Peter Kriegel, Martin Ester, Jörg Sander, Xiaowei Xu, A density-based algorithm for discovering clusters in large spatial Databases with Noise knowledge discovery and data mining. pp. 226- 231 ,(1996)
Kaiming He, Xiangyu Zhang, Shaoqing Ren, Jian Sun, Delving Deep into Rectifiers: Surpassing Human-Level Performance on ImageNet Classification international conference on computer vision. pp. 1026- 1034 ,(2015) , 10.1109/ICCV.2015.123
Ulrich Bayer, Paolo Milani Comparetti, Clemens Hlauschek, Christopher Kruegel, Engin Kirda, Scalable, behavior-based malware clustering network and distributed system security symposium. ,(2009)
Blake Anderson, Curtis Storlie, Terran Lane, Multiple Kernel Learning Clustering with an Application to Malware 2012 IEEE 12th International Conference on Data Mining. pp. 804- 809 ,(2012) , 10.1109/ICDM.2012.75
Roberto Perdisci, ManChon U, VAMO Proceedings of the 28th Annual Computer Security Applications Conference on - ACSAC '12. pp. 329- 338 ,(2012) , 10.1145/2420950.2420999
Srilatha Attaluri, Scott McGhee, Mark Stamp, Profile hidden Markov models and metamorphic virus detection Journal in Computer Virology. ,vol. 5, pp. 151- 169 ,(2009) , 10.1007/S11416-008-0105-1