Authors: Giovanni Ciaramella (1, 2); Fabio Martinelli (3); Antonella Santone (4) and Francesco Mercaldo (2, 4)

Affiliations: (1) IMT School for Advanced Studies Lucca, Lucca, Italy; (2) Institute for Informatics and Telematics, National Research Council of Italy (CNR), Pisa, Italy; (3) Institute for High Performance Computing and Networking, National Research Council of Italy (CNR), Rende, Italy; (4) University of Molise, Campobasso, Italy

Keyword(s): Malware, Packed Malware, Obfuscation, Deep Learning, Security, Testing.

Abstract: The current signature-based mechanism implemented by free and commercial antimalware requires the presence of the signature of the malicious sample to provide protection, i.e., to detect malicious behavior. This is why malware writers are developing techniques that can change the syntax of the code but leave the semantics, i.e., the malware business logic, unchanged. Among these techniques is the so-called packed malware, i.e., malware whose binary code has been modified by packers: software that compresses a program and packages it with a stub, a program capable of decompressing and executing it in memory. In this way, malware that antimalware detects in its original form is not detected in its packed version. In this paper, we propose a technique to detect packed malware by exploiting convolutional neural networks. In a nutshell, the proposed method performs static analysis, i.e., it does not require running the application to detect the malicious samples: we start from the application’s binary code, which is used to generate an image that represents the input for a set of deep learning classifiers. The classifiers aim to classify an application under analysis as trusted or (packed) malicious. In the experimental analysis, we consider three different packers (i.e., mpress, BEP, and gzexe) to generate packed malware, thus demonstrating the ability of the proposed method to detect packed and unpacked malware with interesting performance.

CC BY-NC-ND 4.0

Paper citation in several formats:
Ciaramella, G., Martinelli, F., Santone, A. and Mercaldo, F. (2025). A Method for Packed (and Unpacked) Malware Detection by Means of Convolutional Neural Networks. In Proceedings of the 22nd International Conference on Security and Cryptography - SECRYPT; ISBN 978-989-758-760-3; ISSN 2184-7711, SciTePress, pages 557-564. DOI: 10.5220/0013210400003979

@conference{secrypt25,
author={Giovanni Ciaramella and Fabio Martinelli and Antonella Santone and Francesco Mercaldo},
title={A Method for Packed (and Unpacked) Malware Detection by Means of Convolutional Neural Networks},
booktitle={Proceedings of the 22nd International Conference on Security and Cryptography - SECRYPT},
year={2025},
pages={557-564},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013210400003979},
isbn={978-989-758-760-3},
issn={2184-7711},
}

TY - CONF

JO - Proceedings of the 22nd International Conference on Security and Cryptography - SECRYPT
TI - A Method for Packed (and Unpacked) Malware Detection by Means of Convolutional Neural Networks
SN - 978-989-758-760-3
IS - 2184-7711
AU - Ciaramella, G.
AU - Martinelli, F.
AU - Santone, A.
AU - Mercaldo, F.
PY - 2025
SP - 557
EP - 564
DO - 10.5220/0013210400003979
PB - SciTePress