NEURAL NETWORKS FOR MALWARE DETECTION USING STATIC ANALYSIS
Rowe, Neil C.
Eagle, Christopher S.
Malware is software that enables adversaries to execute their goals by affecting their target devices’ confidentiality, integrity, or availability. Malware is constantly evolving, and detection methods must find ways to detect the new variants. This research developed a new method of detecting malware using a neural-network architecture. The method is not signature-based, unlike most existing methods, and would aid in finding previously unseen malware. It analyzes software using three separate static-analysis methods to obtain a list of features, which, when input into the neural network, are used to classify the software as malware or not malware. The three methods were binary-to-grayscale, statistical-N-grams, and dynamic-link-libraries. The binary-to-grayscale approach performed poorly. The other two strategies performed better but had room for improvement; statistical-N-grams and dynamic-link-libraries showed complementary results that suggest combining them would yield a more effective detection method.
Approved for public release; distribution is unlimited.