Barnum: Detecting Document Malware via Control Flow Anomalies in Hardware Traces

Yagemann, Carter; Sultana, Salmin; Chen, Li; Lee, Wenke

doi:10.1007/978-3-030-30215-3_17

Cited by 13 publications

(10 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, the problems of traditional CFI are: (1) Existing CFI implementations are not compatible with some of important code features (Xu et al 2019); (2) CFGs generated by static, dynamic or combined analysis cannot always be precisely completed due to some open problems (Horwitz 1997); (3) There always exist certain level of compromises between accuracy and performance overhead and other important properties (Tan and Jaeger 2017; Wang and Liu 2019). Recent research has proposed to apply Deep Learning on detecting control flow violation.…”

Section: A Closer Look At Applications Of Deep Learning In Achieving mentioning

confidence: 99%

Using deep learning to solve computer security challenges: a survey

et al. 2020

View full text Add to dashboard Cite

Although using machine learning techniques to solve computer security challenges is not a new idea, the rapidly emerging Deep Learning technology has recently triggered a substantial amount of interests in the computer security community. This paper seeks to provide a dedicated review of the very recent research works on using Deep Learning techniques to solve computer security challenges. In particular, the review covers eight computer security problems being solved by applications of Deep Learning: security-oriented program analysis, defending return-oriented programming (ROP) attacks, achieving control-flow integrity (CFI), defending network attacks, malware classification, system-event-based anomaly detection, memory forensics, and fuzzing for software security.

show abstract

Section: A Closer Look At Applications Of Deep Learning In Achieving mentioning

confidence: 99%

Using deep learning to solve computer security challenges: a survey

et al. 2020

View full text Add to dashboard Cite

show abstract

“…After doing a thorough literature search, we observed that security researchers are quite behind the trend of applying Deep Learning techniques to solve security problems. Only one paper has been founded by us, using Deep Learning techniques to directly enhance the performance of CFI [17]. This paper leveraged Deep Learning to detect document malware through checking program's execution traces that generated by hardware.…”

Section: Key Findings From a Closer Lookmentioning

confidence: 99%

“…In all surveyed papers, there are two kinds of control flow related data being used: program instruction sequences and CFGs. Barnum et al [17] employed statically and dynamically generated instruction sequences acquired by program disassembling and Intel R Processor Trace. CNNoverCFG [18] used self-designed algorithm to construct instruction level control-flow graph.…”

Section: Key Findings From a Closer Lookmentioning

confidence: 99%

“…Recent research has proposed to apply Deep Learning on detecting control flow violation. Their result shows that, compared with traditional CFI implementation, the security coverage and scalability were enhanced in such a fashion [17]. Therefore, we argue that Deep Learning could be another approach which requires more attention from CFI researchers who aim at achieving control-flow integrity more efficiently and accurately.…”

Section: Introductionmentioning

confidence: 96%

“…In this section, we will review the very recent three representative papers that use Deep Learning for achieving CFI. Among the three, two representative papers [17,18] are already summarized phase-by-phase in Table 1. We refer to interested readers the Table 1 for a concise overview of those two papers.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Using Deep Learning to Solve Computer Security Challenges: A Survey

Choi

Liu

Shang

et al. 2019

Preprint

View full text Add to dashboard Cite

Although using machine learning techniques to solve computer security challenges is not a new idea, the rapidly emerging Deep Learning technology has recently triggered a substantial amount of interests in the computer security community. This paper seeks to provide a dedicated review of the very recent research works on using Deep Learning techniques to solve computer security challenges. In particular, the review covers eight computer security problems being solved by applications of Deep Learning: securityoriented program analysis, defending return-oriented programming (ROP) attacks, achieving control-flow integrity (CFI), defending network attacks, malware classification, systemevent-based anomaly detection, memory forensics, and fuzzing for software security.

show abstract

MDCD: A malware detection approach in cloud using deep learning

Tian

Zhao

Jia

et al. 2022

Trans Emerging Tel Tech

View full text Add to dashboard Cite

With the increasing popularity of cloud computing applications, the threat of malware attack against cloud environments is getting worse. To defend against malware attacks in the cloud, some virtualization‐based approaches are proposed. However, the existing methods suffer from limitations in terms of detection accuracy, deployment effort, and performance cost. To address these issues, we propose MDCD, a novel dynamic malware detection solution for cloud environments. This method first utilizes a lightweight agent to collect the run‐time utilization information from the target virtual machine (VM). Then, it leverages the memory forensics analysis technique to extract the memory object information from the target VM's memory. To fully make use of the run‐time utilization and memory object information for malware detection, we propose a multi‐CNN model, which combines multiple convolutional neural networks (CNNs) efficiently. The evaluation shows that our approach can achieve an average detection accuracy, precision, recall, and F1 Score of 98.89%, 97.01%, 98.17%, and 97.89% respectively. Compared with the existing solutions, our method can detect multiple malicious processes effectively with little deployment effort.

show abstract

Barnum: Detecting Document Malware via Control Flow Anomalies in Hardware Traces

Cited by 13 publications

References 26 publications

Using deep learning to solve computer security challenges: a survey

Using deep learning to solve computer security challenges: a survey

Using Deep Learning to Solve Computer Security Challenges: A Survey

MDCD: A malware detection approach in cloud using deep learning

Contact Info

Product

Resources

About