ePrints@IIScePrints@IISc Home | About | Browse | Latest Additions | Advanced Search | Contact | Help

Detection of Malicious Binaries by Deep Learning Methods

Chukka, AR and Devi, VS (2021) Detection of Malicious Binaries by Deep Learning Methods. In: 6th International Conference on Internet of Things, Big Data and Security, IoTBDS 2021, 23 - 25 April 2021, Virtual, Online, pp. 132-139.

Full text not available from this repository.
Official URL: https://doi.org/10.5220/0010379701320139


Modern day cyberattacks are complex in nature. These attacks have adverse effects like loss of privacy, intellectual property and revenue on the victim institutions. These attacks have sophisticated payloads like ransom-ware for money extortion, distributed denial of service(DDOS) malware for service disruptions and advanced persistent threat(APT) malware to posses complete control over the victims computing resources. These malware are metamorphic and polymorphic in nature and contains root-kit components to maintain stealth and hide their malicious activity. So conventional defence mechanisms like rule-based and signature based mechanisms fail to detect these malware. Modern approaches use behavioural analysis(static analysis, dynamic analysis) to identity this kind of malware. However behavioural analysis process is hindered by factors like execution environment detection, code obfuscation, anti virtualization, anti-debugging, analysis environment detection etc. Behavioural analysis also requires domain expert to review the large amount of logs produced by it to decide on the nature of the binary which is complex, time consuming and expensive. To deal with these problems we proposed deep learning methods, where convolutional neural network model is trained on the image representation of the binary to decide the binary nature as malicious or benign. In this work we have encoded the binaries into images in a unique way. Deep convolution neural network is trained on these images to learn the features to identify the binary as malicious or normal. The malware and benign samples for the dataset creation are collected from online sources and windows operating system along with compatible third party application software respectively.

Item Type: Conference Paper
Publication: International Conference on Internet of Things, Big Data and Security, IoTBDS - Proceedings
Publisher: Science and Technology Publications, Lda
Additional Information: The copyright for this article belongs to the Science and Technology Publications, Lda.
Keywords: Application programs; Complex networks; Convolution; Convolutional neural networks; Cybersecurity; Deep neural networks; Denial-of-service attack; Information systems; Learning systems; Network security; Static analysis; Windows operating system, Advanced persistent threat; Behavioral analysis; Convolutional neural network; Deep learning model; Executables; Learning models; Malware analysis; Malware detection; Malwares; Portalble executable, Malware
Department/Centre: Division of Electrical Sciences > Computer Science & Automation
Date Deposited: 06 Oct 2022 11:23
Last Modified: 06 Oct 2022 11:23
URI: https://eprints.iisc.ac.in/id/eprint/77265

Actions (login required)

View Item View Item