Journal of the Institute of Electronics and Information Engineers (전자공학회논문지)

The Institute of Electronics and Information Engineers (대한전자공학회)
권호 표지
DOI QR코드

DOI QR Code

Image-based Artificial Intelligence Deep Learning to Protect the Big Data from Malware

악성코드로부터 빅데이터를 보호하기 위한 이미지 기반의 인공지능 딥러닝 기법

  • Kim, Hae Jung (Department of Cyber Security, Kyung-il University) ;
  • Yoon, Eun Jun (Department of Cyber Security, Kyung-il University)
  • 김혜정 (경일대학교 사이버보안학과) ;
  • 윤은준 (경일대학교 사이버보안학과)
  • Received : 2016.11.03
  • Accepted : 2017.01.24
  • Published : 2017.02.25
Download PDF
⟨ Previous Next ⟩

Abstract

Malware, including ransomware to quickly detect, in this study, to provide an analysis method of malicious code through the image analysis that has been learned in the deep learning of artificial intelligence. First, to analyze the 2,400 malware data, and learning in artificial neural network Convolutional neural network and to image data. Extracts subgraphs to convert the graph of abstracted image, summarizes the set represent malware. The experimentally analyzed the malware is not how similar. Using deep learning of artificial intelligence by classifying malware and It shows the possibility of accurate malware detection.

랜섬웨어를 포함한 악성코드를 빠르게 탐지하여 빅데이터를 보호하기 위해 본 연구에서는 인공지능의 딥러닝으로 학습된 이미지 분석을 통한 악성코드 분석 기법을 제안한다. 우선 악성코드들에서 일반적으로 사용하는 2,400여개 이상의 데이터를 분석하여 인공신경망 Convolutional neural network 으로 학습하고 데이터를 이미지화 하였다. 추상화된 이미지 그래프로 변환하고 부분 그래프를 추출하여 악성코드가 나타내는 집합을 정리하였다. 제안한 논문에서 추출된 부분 집합들 간의 비교 분석을 통해 해당 악성코드들이 얼마나 유사한지를 실험으로 분석하였으며 학습을 통한 방법을 이용하여 빠르게 추출하였다. 실험결과로부터 인공지능의 딥러닝을 이용한 정확한 악성코드 탐지 가능성과 악성코드를 이미지화하여 분류함으로써 더욱 빠르고 정확한 탐지 가능성을 보였다.

Keywords

References

  1. Luo, Xin, and Qinyu Liao, "Awareness Education as the key to Ransomware Prevention," Information Systems Security 16.4 pp. 195-202, 2007. https://doi.org/10.1080/10658980701576412
  2. P. Vinod, R. Jaipur, V. Laxmi and M. Gaur, "Survey on malware detection methods," Proceedings of the 3rd hackers' workshop on computer and internet security,pp. 74-79, March 2009.
  3. https://www.kaggle.com/c/malware-classification
  4. A. Kumar, N. Sharma, A. Khanna and S. Gandhi, "Analysis of machine learning techniques used in malware classification in cloud computing environment," International journal of computer applications, Vol. 133, pp. 15-18, 2016.
  5. M. Ahmadi, D. Ulyanov, S. Semenov, M. Trofimov and G. Giacinto, "Novel feature extraction, selection and fusion for effective malware family classification," Proceedings of the 6th ACM conference on data and application security and privacy, pp. 183-194, 2016.
  6. L. Nataraj, S. Karthikeyan, G. Jacob and B. S. Manjunath, "Malware images: visualization and automatic classification," Proceedings of the 8th international symposium on visualization for cyber security, pp. 4, 2011.
  7. Guyon and A. Elisseeff, "An introduction to variable and feature selection," Journal of machine learning research, vol. 3, pp. 1157-1182, 2003.
  8. J. G. Dy and C. E. Brodley, "Feature selection for unsupervised learning," Journal of machine learning research, vol. 5, pp. 845-889
  9. A. Krizhevsky, I. Sutskever and G. E. Hinton, "Imagenet classification with deep convolutional neural networks," Advances in neural information processing systems, pp. 1097-1105, 2012.
  10. T. N. Sainath, A. R. Mohamed, B. Kingsbury and B. Ramabhadran, "Deep convolutional neural networks for LVCSR," 2013 IEEE International Conference on Acoustics, Speech and Signal Processing, pp. 8614-8618, 2013.
  11. C. Szegedy, W. Liu, Y. Jia, P. Sermanet, S. Reed, D. Anguelov and A. Rabinovich, "Going deeper with convolutions," Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 1-9, 2015.
  12. N. Srivastava, G. E. Hinton, A. Krizhevsky, I. Sutskever and R. Salakhutdinov, "Dropout: a simple way to prevent neural networks from overfitting," Journal of Machine Learning Research, vol. 15, pp. 1929-1958, 2014.
  13. D. R. Wilson and T. R. Martinez, "The general inefficiency of batch training for gradient descent learning," Neural Networks, vol. 16, pp. 1429-1451, 2013.