Malware Detection Using Black-Box Neural Method
[ 1 ] Instytut Automatyki, Robotyki i Inżynierii Informatycznej, Wydział Elektryczny, Politechnika Poznańska | [ P ] employee
[2.2] Automation, electronics and electrical engineering [2.3] Technical informatics and telecommunications
2019
chapter in a scientific monograph / conference paper
English
- malware detection
- Microsoft Kaggle malware classification challenge
- malware convolution neural networks
EN Because of the great loss and damage caused by malware, malware detection has become a central issue of computer security. It has to be fast and very accurate. To develop suitable methods, one needs very good quality benchmarks. One such benchmark is the Microsoft Kaggle malware challenge system run in 2015. Since then, over 50 papers have been published on this system. The best results were achieved with complex feature engineering. In this work we analyze the black-box neural method and, what is novel, analyze its results against the Microsoft Kaggle malware challenge benchmark. It is tempting to use convolutional neural networks for malware analysis, following their great success in the analysis of images. Even the use of balanced classes and drop-out convergence does not beat XGBoost with feature engineering, although some room for improvement exists. The situation is similar to that for language analysis. Language is much more hierarchical than images, and apparently malware is too. Malware analysis still awaits an optimal neural network architecture.
180 - 189
11th International Conference MISSI 2018, 12-14.09.2018, Wrocław, Poland
20