
Malware recognition system based on the representation of a binary file in the form of an image with machine learning

Authors: Panchekhin N.I., Desyatov A.G., Sidorkin A.D.
Published in issue: #4(81)/2023
DOI: 10.18698/2541-8009-2023-4-886


Category: Informatics, Computer Engineering and Control | Chapter: Methods and Systems of Information Protection, Information Security

Keywords: malware detection, static analysis, deep learning, artificial neural network, software, Python, Keras, dataset
Published: 06.05.2023

With the increasing number and complexity of threats posed by malware, approaches to automatically detect and classify malware are being actively explored. At the same time, malware authors are developing tools to circumvent malware detection methods based on the signatures used by antivirus companies. Recently, deep learning has been used to solve this problem in malware classification. In this paper, we consider a model of a convolutional neural network (CNN), obtained experimentally and designed to detect malware based on static analysis. The highest accuracy achieved by the model during the study was 95 %.

