Efficient Characterization and Classification of Malware Using Deep Learning

L. D. L. Rosa, Sean Kilgallon, T. Vanderbruggen, John Cavazos
Published in: 2018 Resilience Week (RWS)
Publication date: 2018-08-01
DOI: 10.1109/RWEEK.2018.8473556 (https://doi.org/10.1109/RWEEK.2018.8473556)
Citations: 7

Abstract

Bad actors have embraced automation to construct malware, and current analysis systems cannot keep up with the ever-increasing load of malware being created daily. Additionally, some static analysis of malware can be computationally expensive, and not all static analysis should be considered for every sample that is part of a large malware dataset. As a result, highly expressive and inexpensive characterizations of malicious code, coupled with low-resource machine learning classification platforms, are required. In this paper, we use deep learning to build a meta-model that finds the simplest classifiers to characterize and assign malware into their corresponding families. Using static analysis of malware, we generate descriptive features to be used in conjunction with deep learning, in order to predict malware families. Our meta-model can determine when simple and less expensive malware characterization will suffice to accurately classify malicious executables, or when more computationally expensive descriptions are required. Finally, our meta-model is able to predict the simplest features and models to classify malware with an accuracy of up to 90%.