Detection of Malicious Binaries by Deep Learning Methods

Anantha Chukka, V. Devi

Abstract

Modern-day cyberattacks are complex in nature. These attacks have adverse effects on the victim institutions, such as loss of privacy, intellectual property and revenue. They carry sophisticated payloads such as ransomware for money extortion, distributed denial of service (DDoS) malware for service disruption and advanced persistent threat (APT) malware to possess complete control over the victim's computing resources. This malware is metamorphic and polymorphic in nature and contains rootkit components to maintain stealth and hide its malicious activity. Conventional defence mechanisms, such as rule-based and signature-based mechanisms, therefore fail to detect it. Modern approaches use behavioural analysis (static analysis, dynamic analysis) to identify this kind of malware. However, the behavioural analysis process is hindered by factors such as execution environment detection, code obfuscation, anti-virtualization, anti-debugging and analysis environment detection. Behavioural analysis also requires a domain expert to review the large amount of logs it produces in order to decide on the nature of the binary, which is complex, time-consuming and expensive. To deal with these problems we propose deep learning methods, in which a convolutional neural network model is trained on the image representation of the binary to decide whether the binary is malicious or benign. In this work we have encoded the binaries into images in a unique way. A deep convolutional neural network is trained on these images to learn the features that identify the binary as malicious or normal. The malware samples for the dataset are collected from online sources, and the benign samples from the Windows operating system along with compatible third-party application software.


Paper Citation


in Harvard Style

Chukka A. and Devi V. (2021). Detection of Malicious Binaries by Deep Learning Methods. In Proceedings of the 6th International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS, ISBN 978-989-758-504-3, pages 132-139. DOI: 10.5220/0010379701320139


in Bibtex Style

@conference{iotbds21,
author={Anantha Chukka and V. Devi},
title={Detection of Malicious Binaries by Deep Learning Methods},
booktitle={Proceedings of the 6th International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS},
year={2021},
pages={132-139},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010379701320139},
isbn={978-989-758-504-3},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 6th International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS
TI - Detection of Malicious Binaries by Deep Learning Methods
SN - 978-989-758-504-3
AU - Chukka A.
AU - Devi V.
PY - 2021
SP - 132
EP - 139
DO - 10.5220/0010379701320139