Neural Networks For Malware Detection Using Static Analysis

Abstract

Malware is software that enables adversaries to execute their goals by affecting their target devices' confidentiality, integrity, or availability. Malware is constantly evolving, and detection methods must find ways to detect the new variants. This research developed a new method of detecting malware using a neural-network architecture. The method is not signature-based, unlike most existing methods, and would aid in finding previously unseen malware. It analyzes software using three separate static-analysis methods to obtain a list of features, which, when input into the neural network, are used to classify the software as malware or not malware. The three methods were binary-to-grayscale, statistical-N-grams, and dynamic-link-libraries. The binary-to-grayscale approach performed poorly. The other two strategies performed better but had room for improvement; statistical-N-grams and dynamic-link-libraries showed complementary results that suggest combining them would yield a more effective detection method.

Document Details

Document Type
Technical Report
Publication Date
Mar 01, 2019
Accession Number
AD1073631

Entities

People

  • Pawel Kalinowski

Organizations

  • Naval Postgraduate School

Tags

DTIC Thesaurus Topics

  • Anti-Virus Software
  • Artificial Intelligence
  • Artificial Intelligence Software
  • Automata Theory
  • Computational Science
  • Computer Languages
  • Computer Programming
  • Computer Science
  • Computers
  • Cybersecurity
  • Information Science
  • Machine Learning
  • Network Architecture
  • Network Science
  • Neural Networks
  • Operating Systems
  • Probabilistic Models

Fields of Study

  • Computer science

Readers

  • Computer Vision
  • Cybersecurity

Technology Areas

  • AI & ML
  • AI & ML - Neural Networks
  • Cyber