Stealthy Malware Detection using RNN-Based Automated Localized Feature Extraction and Classifier

Shukla, Sanket; Kolhe, Gaurav; D, Sai Manoj P; Rafatirad, Setareh

doi:10.1109/ictai.2019.00088

Cited by 22 publications

(10 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…They have also used ML-models to classify applications and supported their claim. In [6,7] authors detect stealthy malwares by converting malware binaries into grayscale images and then extracting patterns by performing raster scanning. The grayscale images are further represented as sequence of patterns which are further used for sequence classification using RNN-LSTM's.…”

Section: Classification Resultsmentioning

confidence: 99%

See 1 more Smart Citation

A Novel Malware Detection Mechanism based on Features Extracted from Converted Malware Binary Images

Dhavlle,

Shukla

2021

Preprint

Self Cite

View full text Add to dashboard Cite

Our computer systems since decades have been threatened by various types of harware and software attacks of which Malwares have been one of them. These malwares have the ability to steal, destroy, contaminate, gain unintended access or even disrupt the entire system. There have been techniques to detect malwares by performing static and dynamic analysis of malware files, but, stealthy malware has circumvented the static analysis method and for dynamic analysis there have been previous works that propose different methods to detect malwares but, in this work we propose a novel technique to detect malwares. We use malware binary images and then extract different features from the same and then employ different ML-classifiers on the dataset thus obtained. We show that this technique is successful in differentiating classes of malware based on the features extracted.

show abstract

Section: Classification Resultsmentioning

confidence: 99%

“…The hardware security discipline in recent years experienced a plethora of threats like the Malware attacks [1,2,3,4,5,6,7], Side-Channel Attacks [8,9,10,11], Hardware Trojan attacks [12], reverse engineering threats [13,14,15] and so on. We focus on the malware detection technique here along with some state-of-the-art works.…”

Section: Introductionmentioning

confidence: 99%

A Novel Malware Detection Mechanism based on Features Extracted from Converted Malware Binary Images

Dhavlle,

Shukla

2021

Preprint

Self Cite

View full text Add to dashboard Cite

show abstract

“…LSTM networks have been widely applied to various real-world applications and achieved state-of-theart performances such as speech recognition [16], handwriting recognition [17]. In [18], LSTM networks are used to process localized features and perform the classification to detect stealthy malware. In this paper, we employed LSTM to extract general information from local features of each block in disassembled CFGs of binaries and further use the information for similarity detection.…”

Section: Lstm Recurrent Neural Networkmentioning

confidence: 99%

Binary Code Similarity Detection through LSTM and Siamese Neural Network

Luo¹,

Hou²,

Zhou³

et al. 2021

ICST Transactions on Security and Safety

View full text Add to dashboard Cite

Given the fact that many software projects are closed-source, analyzing security-related vulnerabilities at the binary level is quintessential to protect computer systems from attacks of malware. Binary code similarity detection is a potential solution for detecting malware from the binaries generated by the processor. In this paper, we proposed a malware detection mechanism based on the binaries using machine learning techniques. Through utilizing the Recurrent Neural Network (RNN), more specifically Long Short-Term Memory (LSTM) network, we generate the uniformed feature embedding of each binary file and further take advantage of the Siamese Neural Network to compute the similarity measure of the extracted features. Therefore, the security risks of the software projects can be evaluated through the similarity measure of the corresponding binaries with existing trained malware. Our real-world experimental results demonstrate a convincing performance in distinguishing out the outliers, and achieved slightly better performance compared with existing state-of-theart methods.

show abstract

“…The hardware security domain in recent years has experienced a plethora of threats Side-Channel Attacks [1,2], Malware attacks [3][4][5][6][7][8][9], Hardware Trojan attacks [10], reverse engineering threats [11][12][13] and so on. Among multiple threats, the side-channel attacks (SCAs) is one of the pivotal threats due to it's capability to exploit the design despite being introduced in the market post-validation.…”

Section: Introductionmentioning

confidence: 99%

Adversarial Learning Inspired Emerging Side-Channel Attacks and Defenses

Dhavlle¹

2021

Preprint

View full text Add to dashboard Cite

Evolving attacks on the vulnerabilities of the computing systems demand novel defense strategies to keep pace with newer attacks. This report discusses previous works on side-channel attacks (SCAs) and defenses for cache-targeted and physical proximity attacks. We then discuss the proposed Entropy-Shield as a defense against timing SCAs, and explain how we can extend the same to hardware-based implementations of crypto applications as "Entropy-Shield for FPGA". We then discuss why we want to build newer attacks with the hope of coming up with better defense strategies.

show abstract

Stealthy Malware Detection using RNN-Based Automated Localized Feature Extraction and Classifier

Cited by 22 publications

References 19 publications

A Novel Malware Detection Mechanism based on Features Extracted from Converted Malware Binary Images

A Novel Malware Detection Mechanism based on Features Extracted from Converted Malware Binary Images

Binary Code Similarity Detection through LSTM and Siamese Neural Network

Adversarial Learning Inspired Emerging Side-Channel Attacks and Defenses

Contact Info

Product

Resources

About