Malfustection: Obfuscated Malware Detection and Malware Classification with Data Shortage by Combining Semi-Supervised and Contrastive Learning

by Mohammad Mahdi Maghouli, et al.

With the advent of new technologies, digital devices of many kinds are becoming widespread. In today's world, where everyday tasks depend on technology, this extensive use of computers paves the way for malicious activity. As a result, it is important to provide solutions to defend against these threats. Malware is one of the best-known and most widely used means by which attackers carry out destructive activities. Producing malware from scratch is somewhat difficult, so attackers tend to obfuscate existing malware until it becomes an unrecognizable program. Since creating new malware from an old one using obfuscation is a creative task, identifying obfuscated malware is difficult. In this research, we propose a solution to this problem: the code is first converted to an image, and a semi-supervised approach combined with contrastive learning is then applied. In this setting, an obfuscation in the malware bytecode corresponds to an augmentation in the image. Hence, by utilizing meaningful augmentations, which simulate some obfuscation changes, and combining them to generate complex ambiguity procedures, our proposed solution is able to construct, learn, and detect a wide range of obfuscations. This work addresses two issues: 1) malware classification despite data deficiency and 2) obfuscated malware detection by training on non-obfuscated malware. According to the results, the proposed method overcomes the data shortage problem in malware classification, as its accuracy is 90.1. Moreover, training on basic malware without obfuscation achieved 96.21 percent accuracy in detecting obfuscated malware.
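The idea in the abstract, bytes rendered as an image and obfuscation-like augmentations used to build positive pairs for a contrastive loss, is sketched below as an added example; it is not the authors' code. The two augmentations, the histogram "encoder" standing in for a trained network, the NT-Xent loss and all names are assumptions chosen for illustration.

```python
import math
import random

def bytes_to_image(data, width=16):
    """Row-major grayscale image: one byte per pixel, last row zero-padded."""
    rows = math.ceil(len(data) / width)
    padded = data + bytes(rows * width - len(data))
    return [list(padded[r * width:(r + 1) * width]) for r in range(rows)]

def insert_junk(data, rng, count=8, junk=0x90):
    """Assumed augmentation: filler bytes at random offsets (shifts later pixels)."""
    out = bytearray(data)
    for _ in range(count):
        out.insert(rng.randrange(len(out) + 1), junk)
    return bytes(out)

def permute_blocks(data, rng, block=32):
    """Assumed augmentation: reorder fixed-size chunks (moves image regions)."""
    chunks = [data[i:i + block] for i in range(0, len(data), block)]
    rng.shuffle(chunks)
    return b"".join(chunks)

def make_view(data, rng):  # both augmentations composed, rendered as an image
    return bytes_to_image(permute_blocks(insert_junk(data, rng), rng))

def embed(image, bins=16):
    """Stand-in encoder (assumption): L2-normalised intensity histogram."""
    hist = [0.0] * bins
    for px in (p for row in image for p in row):
        hist[px * bins // 256] += 1.0
    norm = math.sqrt(sum(h * h for h in hist))
    return [h / norm for h in hist]

def nt_xent(views_a, views_b, tau=0.5):
    """NT-Xent loss: views_a[i] and views_b[i] form the positive pair of sample i."""
    z, n = views_a + views_b, len(views_a)
    total = 0.0
    for i, zi in enumerate(z):
        sims = [math.exp(sum(x * y for x, y in zip(zi, zk)) / tau) for zk in z]
        denom = sum(sims) - sims[i]  # every other view in the batch
        total += -math.log(sims[(i + n) % (2 * n)] / denom)
    return total / (2 * n)

FAMILY_A = bytes(i % 64 for i in range(256))        # constructed inputs,
FAMILY_B = bytes(192 + i % 64 for i in range(256))  # not real binaries

def demo(seed=7):
    """Loss with correct positive pairs, then with the pairs deliberately swapped."""
    rng = random.Random(seed)
    a1, a2, b1, b2 = (embed(make_view(d, rng)) for d in (FAMILY_A, FAMILY_A, FAMILY_B, FAMILY_B))
    return nt_xent([a1, b1], [a2, b2]), nt_xent([a1, b1], [b2, a2])
```

`demo()` returns a low loss when the two augmented views of the same sample are paired and a much higher one when they are mismatched, which is the signal a contrastive encoder is trained on.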


