Inspiration

Malware (e.g. viruses, worms and Trojan horses) has become one of the most significant threats on the Internet. Generation tools make it easy to produce new malware, so the number of malware samples is increasing very rapidly. Test reported that around 81,598,221 new malware samples were obtained in 2017, a 14% increase compared to the previous year. Among all these malware attacks, over 67% targeted Windows systems [1]. This poses a serious threat. For example, the ransomware "WannaCry" spread to over 100 countries and caused damage of 8 billion US dollars.

What it does

We propose a new method that classifies malware families using malware visualization. The method transforms malware binary files into grayscale images. To obtain discriminative features, we present a new learning framework, formulated as a multi-layered model, that characterizes and analyzes malware images using bag-of-visual-words (BoVW).

Accomplishments that we're proud of

With the development of the Internet, malware has become one of the most significant threats. Recognizing specific types of malware is an important step toward effective removal. Malware visualization is an important branch of malware static analysis techniques, where a piece of malware is turned into an image for visualization and classification.

What we learned

Experimental results demonstrate that the obtained descriptors are robust and discriminative, leading to state-of-the-art classification performance that outperforms existing methods. Starting from existing local descriptors (LBP or dense SIFT), we group them into blocks and build histograms. The extracted features are more flexible than global features (e.g. GIST) and more robust than local features. We evaluate the proposed method on three datasets, all from the Windows platform.
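
The first stages described under "What it does" and above (bytes to grayscale image, local LBP descriptors, block-level histograms) can be sketched as follows. This is an added example, not the project's code; the image width, block size, function names and sample input are assumptions, and the later BoVW codebook and classifier stages are not shown.

```python
# Added illustration: not the project's code. WIDTH and BLOCK are assumed values.
from collections import Counter

WIDTH = 16   # assumed image width: one byte becomes one grayscale pixel
BLOCK = 4    # assumed block side, measured in LBP cells
# Clockwise 8-neighbour offsets (dy, dx), starting at the top-left pixel.
NEIGHBOURS = [(-1, -1), (-1, 0), (-1, 1), (0, 1), (1, 1), (1, 0), (1, -1), (0, -1)]

def bytes_to_image(data, width=WIDTH):
    """Lay the bytes out row by row; a trailing partial row is dropped."""
    rows = len(data) // width
    return [list(data[r * width:(r + 1) * width]) for r in range(rows)]

def lbp_map(img):
    """Basic 3x3 LBP code (0..255) for every interior pixel."""
    if len(img) < 3:
        return []  # too small to have any interior pixel
    h, w = len(img), len(img[0])
    out = []
    for y in range(1, h - 1):
        row = []
        for x in range(1, w - 1):
            code = 0
            for bit, (dy, dx) in enumerate(NEIGHBOURS):
                if img[y + dy][x + dx] >= img[y][x]:
                    code |= 1 << bit
            row.append(code)
        out.append(row)
    return out

def block_histograms(codes, block=BLOCK):
    """Group LBP codes into non-overlapping blocks; one normalised histogram each."""
    if not codes:
        return []
    h, w = len(codes), len(codes[0])
    hists = []
    for by in range(0, h - block + 1, block):
        for bx in range(0, w - block + 1, block):
            counts = Counter(codes[y][x] for y in range(by, by + block)
                             for x in range(bx, bx + block))
            hists.append({k: v / (block * block) for k, v in counts.items()})
    return hists

def describe(data):
    """Full sketch pipeline: raw bytes -> list of block-level LBP histograms."""
    return block_histograms(lbp_map(bytes_to_image(data)))

# Constructed sample input (not real malware): zero padding followed by a byte ramp.
SAMPLE = bytes(160) + bytes(range(160))
```

Each block histogram is a mid-level descriptor of one image region; uniform padding and structured data produce visibly different histograms, which is what makes them usable as input to a visual-word codebook.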
