Abstract

The increasing sophistication of malware variants, which rely on techniques such as encryption, polymorphism, and obfuscation, calls for new detection and classification technology. In this paper, MalDeep, a novel deep learning framework for malware classification based on texture visualization, is proposed against malicious variants. Through code mapping, texture partitioning, and texture extraction, we can study malware classification in a new feature space of image texture representation, without decryption or disassembly. Furthermore, we built a malware classifier on a convolutional neural network with two convolutional layers, two downsampling layers, and many fully connected layers. To train the model, we use the dataset from the Microsoft Malware Classification Challenge, which includes 9 categories of malware families and 10868 variant samples. The experimental results show that MalDeep achieves a higher accuracy rate for malware classification. In particular, for some backdoor families, the classification accuracy of the model reaches over 99%. Moreover, compared with other major antivirus software, MalDeep also achieves a higher average accuracy on variants from different families.
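The code mapping and texture partitioning steps named in the abstract can be sketched as follows. This is an added example, not MalDeep's own code: the image width, the block size, the mapping of `??` to 0 and the per-tile entropy descriptor are assumptions standing in for the paper's texture extractor, and the sample is constructed in the hex-dump layout of the challenge's `.bytes` files.

```python
import math
from collections import Counter

# Constructed sample: an address column followed by byte values;
# "??" marks bytes that have no content in the file.
SAMPLE_BYTES = """\
00401000 56 8D 90 00 03 00 00 00 04 00 00 00 FF FF 00 00
00401010 B8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00
00401020 ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ??
00401030 E8 1F 00 00 00 5D C3 90 90 90 90 90 90 90 90 90
"""

def parse_hexdump(text):
    """Code mapping, step 1: hex dump -> flat list of 0..255 intensities."""
    pixels = []
    for line in text.splitlines():
        for tok in line.split()[1:]:  # skip the address column
            # Assumption: an unknown byte is rendered as a black pixel.
            pixels.append(0 if tok == "??" else int(tok, 16))
    return pixels

def to_image(pixels, width):
    """Code mapping, step 2: wrap the byte stream into rows of `width` pixels."""
    rows = [pixels[i:i + width] for i in range(0, len(pixels), width)]
    if rows and len(rows[-1]) < width:  # zero-pad a short final row
        rows[-1] = rows[-1] + [0] * (width - len(rows[-1]))
    return rows

def partition(image, block):
    """Texture partitioning: non-overlapping block x block tiles, row-major."""
    h, w = len(image), len(image[0])
    return [[image[r + i][c + j] for i in range(block) for j in range(block)]
            for r in range(0, h - block + 1, block)
            for c in range(0, w - block + 1, block)]

def entropy(tile):
    """Stand-in texture descriptor: Shannon entropy of a tile, in bits."""
    n = len(tile)
    return -sum(c / n * math.log2(c / n) for c in Counter(tile).values())

def texture_features(text, width=16, block=4):
    """Hex dump -> one entropy value per tile, ready to feed a classifier."""
    image = to_image(parse_hexdump(text), width)
    return [round(entropy(t), 3) for t in partition(image, block)]
```

No decryption or disassembly is involved at any step: the features come from the raw byte values alone, which is the property the abstract relies on.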

Highlights

  • With the advent of the Internet of Things era, cyberspace, known as the “fifth dimensional space”, has extended its tentacles into all aspects of life and is inextricably linked to everyone around the world

  • Symantec’s report [2] states that in 2017 malicious code families for mobile terminals grew by 54% over the same period of the previous year

  • MalDeep, a novel malware classification framework of deep learning based on texture visualization, is proposed against malware variants


Summary

Introduction

With the advent of the Internet of Things era, cyberspace, known as the “fifth dimensional space”, has extended its tentacles into all aspects of life and is inextricably linked to everyone around the world. According to AV-Test [1], an internationally renowned security software evaluation agency, more than 600 million pieces of Windows malware and nearly 19 million malicious code variants for Android devices had been discovered by the end of 2017. The ratio of malicious code variants per family rose sharply from 5:1 in 2011 to 38:1 in 2012 [3]. This suggests that malicious code programmers spend more time making minor changes or repackaging existing code so that it can propagate further and escape detection. Detecting malicious code variants is the focus of current malware protection.
