Detection Model based on Deeplearning through the Characteristics Image of Malware

  • Hwang, Yoon-Cheol (Department of Talmage Liberal Arts College, Hannam University)
  • Mun, Hyung-Jin (Department of Information & Communication Engineering, Sungkyul University)
  • Received : 2021.08.09
  • Accepted : 2021.11.20
  • Published : 2021.11.28

Abstract

The internet has brought many conveniences and benefits, but increasingly intelligent malware is causing economic and social damage to its users. Signature-based anti-virus programs are mostly used to detect and defend against it, but they are insufficient against malware variants that keep becoming more intelligent. This paper therefore proposes a model that detects and defends against the flood of intelligent malware. The proposed model is built by converting the characteristics of malware into images and training on them with deep learning; newly detected malware and malware variants are converted to images in the same way and passed to the trained model for detection. The results show that the proposed model detects not only existing malware but also most of the variants derived from it.
