AST-Based Deep Learning for Detecting Malicious PowerShell

10/03/2018
by   Gili Rusak, et al.
0

With the celebrated success of deep learning, some attempts to develop effective methods for detecting malicious PowerShell programs employ neural nets in a traditional natural language processing setup while others employ convolutional neural nets to detect obfuscated malicious commands at a character level. While these representations may express salient PowerShell properties, our hypothesis is that tools from static program analysis will be more effective. We propose a hybrid approach combining traditional program analysis (in the form of abstract syntax trees) and deep learning. This poster presents preliminary results of a fundamental step in our approach: learning embeddings for nodes of PowerShell ASTs. We classify malicious scripts by family type and explore embedded program vector representations.

READ FULL TEXT
research
09/18/2014

Convolutional Neural Networks over Tree Structures for Programming Language Processing

Programming language processing (similar to natural language processing)...
research
04/11/2018

Detecting Malicious PowerShell Commands using Deep Neural Networks

Microsoft's PowerShell is a command-line shell and scripting language th...
research
09/11/2014

Building Program Vector Representations for Deep Learning

Deep learning has made significant breakthroughs in various fields of ar...
research
09/09/2020

Multimodal Deep Learning for Flaw Detection in Software Programs

We explore the use of multiple deep learning models for detecting flaws ...
research
03/05/2021

MalBERT: Using Transformers for Cybersecurity and Malicious Software Detection

In recent years we have witnessed an increase in cyber threats and malic...
research
10/31/2022

Latent Semantic Structure in Malicious Programs

Latent Semantic Analysis is a method of matrix decomposition used for di...
research
08/09/2021

A Neural Approach for Detecting Morphological Analogies

Analogical proportions are statements of the form "A is to B as C is to ...

Please sign up or login with your details

Forgot password? Click here to reset