A Novel Malware Detection Mechanism based on Features Extracted from
Converted Malware Binary Images
- URL: http://arxiv.org/abs/2104.06652v1
- Date: Wed, 14 Apr 2021 06:55:52 GMT
- Title: A Novel Malware Detection Mechanism based on Features Extracted from
Converted Malware Binary Images
- Authors: Abhijitt Dhavlle and Sanket Shukla
- Abstract summary: We use malware binary images and then extract different features from the same and then employ different ML-classifiers on the dataset thus obtained.
We show that this technique is successful in differentiating classes of malware based on the features extracted.
- Score: 0.22843885788439805
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Our computer systems for decades have been threatened by various types of
hardware and software attacks of which Malwares have been one of them. This
malware has the ability to steal, destroy, contaminate, gain unintended access,
or even disrupt the entire system. There have been techniques to detect malware
by performing static and dynamic analysis of malware files, but, stealthy
malware has circumvented the static analysis method and for dynamic analysis,
there have been previous works that propose different methods to detect malware
but, in this work we propose a novel technique to detect malware. We use
malware binary images and then extract different features from the same and
then employ different ML-classifiers on the dataset thus obtained. We show that
this technique is successful in differentiating classes of malware based on the
features extracted.
Related papers
- Obfuscated Memory Malware Detection [2.0618817976970103]
We show how Artificial Intelligence and Machine learning can be used to detect and mitigate these cyber-attacks induced by malware in specific obfuscated malware.
We propose a multi-class classification model to detect the three types of obfuscated malware with an accuracy of 89.07% using the Classic Random Forest algorithm.
arXiv Detail & Related papers (2024-08-23T06:39:15Z) - Obfuscated Malware Detection: Investigating Real-world Scenarios through Memory Analysis [0.0]
We propose a simple and cost-effective obfuscated malware detection system through memory dump analysis.
The study focuses on the CIC-MalMem-2022 dataset, designed to simulate real-world scenarios.
We evaluate the effectiveness of machine learning algorithms, such as decision trees, ensemble methods, and neural networks, in detecting obfuscated malware within memory dumps.
arXiv Detail & Related papers (2024-04-03T00:13:23Z) - MalDICT: Benchmark Datasets on Malware Behaviors, Platforms, Exploitation, and Packers [44.700094741798445]
Existing research on malware classification focuses almost exclusively on two tasks: distinguishing between malicious and benign files and classifying malware by family.
We have identified four tasks which are under-represented in prior work: classification by behaviors that malware exhibit, platforms that malware run on, vulnerabilities that malware exploit, and packers that malware are packed with.
We are releasing benchmark datasets for each of these four classification tasks, tagged using ClarAVy and comprising nearly 5.5 million malicious files in total.
arXiv Detail & Related papers (2023-10-18T04:36:26Z) - Review of Deep Learning-based Malware Detection for Android and Windows
System [2.855485723554975]
Most of the recent malware families are Artificial Intelligence (AI) enable and can deceive traditional anti-malware systems using different obfuscation techniques.
In this study we review two AI-enabled techniques for detecting malware in Windows and Android operating system, respectively.
arXiv Detail & Related papers (2023-07-04T06:02:04Z) - DRSM: De-Randomized Smoothing on Malware Classifier Providing Certified
Robustness [58.23214712926585]
We develop a certified defense, DRSM (De-Randomized Smoothed MalConv), by redesigning the de-randomized smoothing technique for the domain of malware detection.
Specifically, we propose a window ablation scheme to provably limit the impact of adversarial bytes while maximally preserving local structures of the executables.
We are the first to offer certified robustness in the realm of static detection of malware executables.
arXiv Detail & Related papers (2023-03-20T17:25:22Z) - Multi-view Representation Learning from Malware to Defend Against
Adversarial Variants [11.45498656419419]
We propose Adversarially Robust Multiview Malware Defense (ARMD), a novel multi-view learning framework to improve the robustness of DL-based malware detectors against adversarial variants.
Our experiments on three renowned open-source deep learning-based malware detectors across six common malware categories show that ARMD is able to improve the adversarial robustness by up to seven times on these malware detectors.
arXiv Detail & Related papers (2022-10-25T22:25:50Z) - Adversarial Attacks against Windows PE Malware Detection: A Survey of
the State-of-the-Art [44.975088044180374]
This paper focuses on malware with the file format of portable executable (PE) in the family of Windows operating systems, namely Windows PE malware.
We first outline the general learning framework of Windows PE malware detection based on ML/DL.
We then highlight three unique challenges of performing adversarial attacks in the context of PE malware.
arXiv Detail & Related papers (2021-12-23T02:12:43Z) - A Comparison of State-of-the-Art Techniques for Generating Adversarial
Malware Binaries [2.0559497209595814]
We evaluate three recent adversarial malware generation techniques using binary malware samples drawn from a single, publicly available malware data set.
Our results show that among the compared techniques, the most effective technique is the one that strategically modifies bytes in a binary's header.
arXiv Detail & Related papers (2021-11-22T19:26:33Z) - Mate! Are You Really Aware? An Explainability-Guided Testing Framework
for Robustness of Malware Detectors [49.34155921877441]
We propose an explainability-guided and model-agnostic testing framework for robustness of malware detectors.
We then use this framework to test several state-of-the-art malware detectors' abilities to detect manipulated malware.
Our findings shed light on the limitations of current malware detectors, as well as how they can be improved.
arXiv Detail & Related papers (2021-11-19T08:02:38Z) - Being Single Has Benefits. Instance Poisoning to Deceive Malware
Classifiers [47.828297621738265]
We show how an attacker can launch a sophisticated and efficient poisoning attack targeting the dataset used to train a malware classifier.
As opposed to other poisoning attacks in the malware detection domain, our attack does not focus on malware families but rather on specific malware instances that contain an implanted trigger.
We propose a comprehensive detection approach that could serve as a future sophisticated defense against this newly discovered severe threat.
arXiv Detail & Related papers (2020-10-30T15:27:44Z) - Adversarial EXEmples: A Survey and Experimental Evaluation of Practical
Attacks on Machine Learning for Windows Malware Detection [67.53296659361598]
adversarial EXEmples can bypass machine learning-based detection by perturbing relatively few input bytes.
We develop a unifying framework that does not only encompass and generalize previous attacks against machine-learning models, but also includes three novel attacks.
These attacks, named Full DOS, Extend and Shift, inject the adversarial payload by respectively manipulating the DOS header, extending it, and shifting the content of the first section.
arXiv Detail & Related papers (2020-08-17T07:16:57Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.