The vision-based approach to malware classification consumes the structural and textural information of malware or benign applications as a whole, by converting the binaries directly into pixel values between 0 and 255. Such an approach provides a way to visualize otherwise abstract malware samples.
In , I propose deep transfer learning for static malware classification, where I augment the grey-scale malware images into RGB channels and apply transfer learning on the malware dataset. Pre-trained deep neural networks such as Inception, VGG, and ResNet are trained on natural images from the ImageNet database, so the models already contain a significant amount of features learned from large quantities of images. Transferring from the natural-image domain to the malware-image target domain minimizes the effort of searching for an optimal neural network architecture or the best parameter set and accelerates training on the malware dataset, while still maintaining high classification accuracy and a low false positive rate.
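The byte-to-image conversion described above can be sketched in a few lines. This is a minimal illustration, not the exact pipeline from the paper: the fixed row width, the zero-padding of the last row, and the toy input are all assumptions, and the RGB augmentation is shown as simple channel replication.

```python
# Sketch: map a binary's raw bytes to a grayscale "image" (rows of
# pixel values 0-255), then replicate the channel into RGB so the
# image fits a network pre-trained on 3-channel natural images.

def bytes_to_grayscale(data: bytes, width: int = 8):
    """Zero-pad the byte stream and reshape it into rows of `width` pixels."""
    padded = data + b"\x00" * (-len(data) % width)
    return [list(padded[i:i + width]) for i in range(0, len(padded), width)]

def grayscale_to_rgb(img):
    """Replicate the single grayscale channel into R, G, and B."""
    return [[(p, p, p) for p in row] for row in img]

sample = bytes(range(20))          # stand-in for a malware binary
gray = bytes_to_grayscale(sample)  # 3 rows of 8 pixels, last row padded
rgb = grayscale_to_rgb(gray)
```

In practice the rows would be stacked into an array and resized to the pre-trained network's expected input resolution before fine-tuning.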
In all the real-data experiments in , the proposed method achieves the highest classification accuracy, the lowest false positive rate, the highest true positive rate, and the highest score compared with all the other selected classical machine learning algorithms, namely shallow fully connected neural networks (shallow NN), naive Bayes, 5-nearest neighbors (5NN), linear discriminant analysis (LDA), random forest, XGBoost (XGB), support vector machines with a linear kernel (SVM-linear), and support vector machines with a radial kernel (SVM-radial); it also outperforms the training-from-scratch scheme. A performance table is presented in Table 1.
Furthermore, we extend deep transfer learning to dynamic exploit detection , where we convert the control-flow packets generated from Intel Processor Trace into a time series of images and propose a hierarchical ensemble neural network (HeNet) via deep transfer learning for detecting dynamic return-oriented-programming (ROP) attacks. HeNet achieves the highest classification accuracy with the lowest false positive rate compared with commonly used machine learning algorithms such as random forest, nearest neighbor, and naive Bayes. Indeed, vision-based transfer learning on malware images not only saves tremendous manual feature-engineering effort, but also delivers superior performance on malware classification tasks.
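The hierarchical aggregation step can be illustrated with a small sketch. This is not the HeNet architecture itself, only the spirit of its top level: a low-level model scores each image slice of the trace, and a high-level vote combines the per-slice probabilities into one verdict. The hard-coded scores and the 0.5 threshold are illustrative stand-ins.

```python
# Sketch: combine per-slice malicious probabilities (assumed to come
# from a transferred CNN applied to each trace image) into a single
# trace-level decision by averaging and thresholding.

def trace_verdict(slice_scores, threshold=0.5):
    """Average per-slice probabilities, then flag if above threshold."""
    avg = sum(slice_scores) / len(slice_scores)
    return avg, avg >= threshold

benign_like = [0.1, 0.2, 0.15, 0.05]   # toy per-slice scores
rop_like = [0.4, 0.9, 0.95, 0.85]

avg_b, flag_b = trace_verdict(benign_like)   # low average, not flagged
avg_r, flag_r = trace_verdict(rop_like)      # high average, flagged
```

More elaborate aggregation (weighted voting, a second-stage classifier over the slice scores) fits the same hierarchical pattern.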
| Method | Accuracy | FPR | TPR |
| --- | --- | --- | --- |
| TFS via shallow NN | | | |
| Random forest PCA | 95.73% | 0.548% | 84.26% |
Despite the effectiveness of computer-vision-based methods for malware classification, understanding why the image-based transfer learning models make their predictions on malware images is critical for security researchers and practitioners. The interpretations generate valuable insights for triaging malware families and enhance practitioners' trust in the model. Hence, an effective model for deployment needs not only strong classification performance but also the reliability that comes from being able to explain its predictions.
In , I propose to extend the local interpretable model-agnostic explanation (LIME) approach  to identify which regions in the malware binary contribute to the neural network's prediction. An example is shown in Figure 1. Such interpretability highlights the advantage of approaching the malware problem from the computer vision direction: the interpretation becomes concrete, indicating the actual locations of potential malicious signals. Based on the algorithmic findings, security practitioners can inspect the code and verify whether the ML-identified locations contain malicious signatures unique to certain families. This direction moves one step closer to uncovering the reasoning behind black-box deep learning algorithms for malware detection.
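A much-simplified form of this region attribution can be sketched as occlusion analysis. Note that LIME proper fits a local sparse linear model over perturbed samples; the sketch below replaces that with the plain prediction drop when a region is zeroed out, and the tiny `score` function is a toy stand-in for the CNN's malicious probability.

```python
# Sketch: occlusion-style region importance. A region matters if
# blanking it out (setting its pixels to 0) lowers the model's score.

def score(img):
    """Toy classifier: fraction of bright pixels (value > 128)."""
    flat = [p for row in img for p in row]
    return sum(p > 128 for p in flat) / len(flat)

def region_importance(img, regions):
    """Prediction drop per named region when its pixels are occluded."""
    base = score(img)
    drops = {}
    for name, coords in regions.items():
        occluded = [row[:] for row in img]
        for r, c in coords:
            occluded[r][c] = 0
        drops[name] = base - score(occluded)
    return drops

img = [[200, 200, 0, 0],
       [200, 200, 0, 0]]
regions = {"top-left": [(0, 0), (0, 1), (1, 0), (1, 1)],
           "top-right": [(0, 2), (0, 3), (1, 2), (1, 3)]}
drops = region_importance(img, regions)   # only "top-left" matters here
```

Mapping the high-importance pixel regions back to byte offsets in the binary is what lets a practitioner inspect the corresponding code.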
There will always be adversaries who intentionally try to bypass malware detection. Studying the attack surface of machine learning algorithms for malware detection helps improve the security and resiliency of malware detection systems.
In a case study , we examine the robustness and resiliency of machine-learning-based ransomware detection systems. Specifically, we propose to synthesize dynamic ransomware behaviors via the auxiliary classifier generative adversarial network (AC-GAN) and demonstrate that the generated malicious behaviors can greatly reduce the efficacy of black-box ransomware classifiers.
GANs are primarily used in computer vision to generate natural images that look real to the human eye, and their training can be terminated when the generated images resemble the real ones. However, the inputs in our case study are dynamic ransomware execution logs, so we modify the training termination criterion to be based on the loss function of the discriminator. To avoid mode collapse during training, we segment the trace logs and employ transfer learning from GANs trained on natural images to enable faster convergence and better-quality sample generation. We further propose a set of adversarial quality metrics to quantify the generalized maliciousness of the generated dataset. Our findings indicate a broad attack surface on even black-box ML-based malware detectors and advocate adversarial training to enhance the robustness of the system. The case study emphasizes another critical vector for security-focused machine learning: how to establish model resiliency against carefully crafted adversarial malware attacks.
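The modified termination criterion can be sketched as a plateau check on the discriminator's loss. Since generated execution logs cannot be eyeballed the way images can, one stops when the loss settles near the theoretical equilibrium value (log 4 for the standard GAN cross-entropy loss, where the discriminator outputs 1/2 on both real and fake inputs). The window size, tolerance, and loss history below are illustrative, not values from the case study.

```python
# Sketch: stop GAN training once the discriminator loss has plateaued
# near its equilibrium value log(4) ~ 1.386 for `window` steps in a row.
import math

def should_stop(d_losses, window=5, tol=0.05):
    """True when the last `window` losses all lie within `tol` of log(4)."""
    if len(d_losses) < window:
        return False
    target = math.log(4.0)
    return all(abs(l - target) < tol for l in d_losses[-window:])

history = [2.0, 1.7, 1.5, 1.40, 1.39, 1.38, 1.385, 1.386]
converged = should_stop(history)   # loss has settled near log(4)
```

A smoothed (moving-average) loss would make the check less sensitive to the step-to-step noise typical of adversarial training.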
4 Future Research Directions
Recent advances in computer vision motivate novel cybersecurity measures. Below are a few research directions worth considering in this research community.
Semi-supervised learning Semi-supervised algorithms are greatly desired to address the practical challenges of data without ground truth and of evolving malware families. We previously proposed model-based semi-supervised learning for dynamic Android malware detection. Extending the model-based approach to image-based malware samples would be a valuable way to address these issues.
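One generic shape such an extension could take is sketched below. The cited work is model-based; the pseudo-labeling loop here is a simpler stand-in, and the nearest-centroid "model", the 1-D stand-ins for images, and the confidence threshold are all illustrative assumptions.

```python
# Sketch: self-training for a semi-supervised setting. Each round, the
# model is refit on the labeled pool and its high-confidence predictions
# on unlabeled samples are adopted as pseudo-labels.

class CentroidModel:
    """Toy two-class classifier: label by the nearer class mean."""
    def fit(self, labeled):
        sums, counts = {}, {}
        for x, y in labeled:
            sums[y] = sums.get(y, 0.0) + x
            counts[y] = counts.get(y, 0) + 1
        self.centroids = {y: sums[y] / counts[y] for y in sums}

    def predict_proba(self, x):
        dists = {y: abs(x - c) for y, c in self.centroids.items()}
        total = sum(dists.values()) or 1.0
        # closer centroid -> higher probability (valid for two classes)
        return {y: 1.0 - d / total for y, d in dists.items()}

def self_train(model, labeled, unlabeled, confidence=0.8, rounds=3):
    """Iteratively adopt confident predictions as pseudo-labels."""
    for _ in range(rounds):
        model.fit(labeled)
        remaining = []
        for x in unlabeled:
            probs = model.predict_proba(x)
            best = max(probs, key=probs.get)
            if probs[best] >= confidence:
                labeled.append((x, best))   # adopt pseudo-label
            else:
                remaining.append(x)         # revisit next round
        unlabeled = remaining
    return labeled, unlabeled

seed = [(0.0, "benign"), (10.0, "malware")]
labeled_out, unlabeled_out = self_train(CentroidModel(), seed, [1.0, 9.0, 5.0])
```

With real malware images the same loop would wrap a CNN's softmax outputs; the ambiguous middle sample staying unlabeled mirrors how evolving families can be deferred for analyst review.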
Interpretability We will continue studying the interpretability and explainability of deep learning models for image-based malware detection. We plan to investigate schemes for establishing an overall trustworthiness score for a deep learning model and to use such a score for model selection before deployment in cybersecurity applications.
-  L. Chen. Deep transfer learning for static malware classification. arXiv preprint arXiv:1812.07606, 2018.
-  L. Chen, S. Sultana, and R. Sahita. HeNet: A deep learning approach on Intel® Processor Trace for effective exploit detection. IEEE Symposium on Security and Privacy Workshop. arXiv preprint arXiv:1801.02318, 2018.
-  L. Chen, C.-Y. Yang, A. Paul, and R. Sahita. Towards resilient machine learning for ransomware detection. arXiv preprint arXiv:1812.09400, 2018.
-  L. Chen, M. Zhang, C.-y. Yang, and R. Sahita. Poster: Semi-supervised classification for dynamic android malware detection. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pages 2479–2481. ACM, 2017.
-  A. Makandar and A. Patrot. Malware image analysis and classification using support vector machine. International Journal of Trends in Computer Science and Engineering, 4(5):01–03, 2015.
-  L. Nataraj, S. Karthikeyan, G. Jacob, and B. Manjunath. Malware images: visualization and automatic classification. In Proceedings of the 8th international symposium on visualization for cyber security, page 4. ACM, 2011.
-  M. T. Ribeiro, S. Singh, and C. Guestrin. "Why should I trust you?": Explaining the predictions of any classifier. In Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pages 1135–1144. ACM, 2016.
-  R. Ronen, M. Radu, C. Feuerstein, E. Yom-Tov, and M. Ahmadi. Microsoft malware classification challenge. arXiv preprint arXiv:1802.10135, 2018.
-  S. Yue. Imbalanced malware images classification: a cnn based approach. arXiv preprint arXiv:1708.08042, 2017.