Malware Analysis with Artificial Intelligence and a Particular Attention on Results Interpretability

07/23/2021
by   Benjamin Marais, et al.

Malware detection and analysis have been active research subjects in cybersecurity in recent years. Indeed, the development of obfuscation techniques, such as packing, requires special attention to detect recent variants of malware. The usual detection methods do not necessarily provide tools to interpret the results. Therefore, we propose a model based on the transformation of binary files into grayscale images, which achieves an accuracy rate of 88 packed or encrypted with a precision of 85 and act appropriately. Also, by applying attention mechanisms to detection models, we can identify which parts of a file look suspicious. This kind of tool should be very useful for data analysts: it compensates for the lack of interpretability of common detection models, and it can help to understand why some malicious files go undetected.


