Abstract for HONS 01/18 - Computer Science and Software Engineering - University of Canterbury - New Zealand

Abstract for HONS 01/18

Malware Detection with Malware Images using Deep Learning Techniques

Ke He
Department of Computer Science and Software Engineering
University of Canterbury

Abstract

Driven by economic benefits, the number of malware attacks is increasing significantly on a daily basis. Malware Detection Systems (MDS) is the first line of defence against malicious attacks, thus it is important for malware detection systems to accurately and efficiently detect malware. Current MDS typically utilizes traditional machine learning algorithms that require feature selection and extraction, which are time-consuming and error-prone. Conventional deep learning based approaches use Recurrent Neural Networks (RNN) which is vulnerable to redundant API injection, thus we investigate the effectiveness of Convolutional Neural Networks (CNN) against redundant API injection. We designed a malware detection system that transforms malware files into image representations and classifies the image representation with CNN. The CNN is implemented with spatial pyramid pooling layers (SPP) to deal with varying size input. We evaluate the effectiveness of SPP and image colour space (greyscale/RGB) by measuring the performance of our system on both unaltered data and adversarial data with redundant API injected. Results show that naive SPP implementation is impractical due to memory constraints and greyscale imaging is effective against redundant API injection.
  • Phone: +64 3 369 2777
    Fax: +64 3 364 2569
    CSSEadministration@canterbury.ac.nz
  • Computer Science and Software Engineering
    University of Canterbury
    Private Bag 4800, Christchurch
    New Zealand
  • Follow us
    FacebookYoutubetwitterLinked In