Researchers from Intel and Microsoft are working together to study new applications of deep learning for classifying malware, said Microsoft in a blog post. “The basis for this study is the observation that if malware binaries are plotted as grayscale images, the textural and structural patterns can be used to effectively classify binaries as either benign or malicious, as well as cluster malicious binaries into respective threat families,” said the company.
Their research project, called STAMINA (STAtic Malware-as-Image Network Analysis, which has been found to achieve high accuracy in detecting malware with low false positives.
Microsoft explains that through this analysis, metadata is produced, which is analysed by machine learning classifiers on the client and in the cloud to determine whether a file is malicious. Use of static analysis approach is said to catch most threats before they can even run.
As part of this research project, the companies adopted a three-step approach — image conversion, transfer learning, and evaluation.
Firstly, the researchers prepared the binaries by converting them into two-dimensional images through a process that involves pixel conversion, reshaping, and resizing. The second step was to use transfer learning, a technique for overcoming the isolated learning paradigm and utilizing knowledge acquired for one task to solve related ones. Finally, the performance of the system was measured and reported on the holdout test set.
In its findings, the companies found that applying STAMINA achieved 99.07% accuracy at 2.58% false positive rate overall.
“The results certainly encourage the use of deep transfer learning for the purpose of malware classification,” said Jugal Parikh and Marc Marino, researchers from Microsoft Threat Protection Intelligence Team. “The use of deep learning methods for detecting threats drives a lot of innovation across Microsoft. The collaboration with Intel Labs researchers is just one of the ways in which Microsoft researchers and data scientists continue to explore novel ways to improve security overall,” they added.
William Wall is a self-taught investor and follows the value investing approach to picking stocks. He possesses over 10 years of investment experience, an M.B.A. from Louisiana State University, and is also certified in Risk Management Assurance. William is a Certified Internal Auditor, Data Miner, and author with a career broadly spanning over multiple business areas. He has exploited those observations and developed investment tactics within a fundamentally sound long-term investment strategy. He currently covers Earnings News category for our site.
Address: 4188 Spadafore Drive, Erie, Pennsylvania
Phone number: 814-705-9247
Email: [email protected]