Malware Signatures Detection with Neural Networks

Matej Adamec, M. Turčaník
2022 New Trends in Signal Processing (NTSP), published 2022-10-12. DOI: 10.23919/NTSP54843.2022.9920380 (https://doi.org/10.23919/NTSP54843.2022.9920380)
Citations: 2

Abstract

Malware detection and prevention is a cornerstone of computer security. Without proper computer security, our data would be vulnerable and at risk of leaking. Each malicious program performs a certain activity that we are able to describe in machine code. Converting machine code to visual form may be a way to detect hidden malicious structures that would not be detectable in plain-text machine code form. A Convolutional Neural Network (CNN) takes an image as input and returns the class to which it belongs. The main task is classifying generated, visualized machine code into the respective groups with a CNN. First, we will create generators of source machine code. Later on, we will define what a signature is and how it differs from normal source code. Last but not least, we will modify signatures by adding redundant idle machine code instructions. Our overall task will be to classify code by its signature.