Browse > Article
http://dx.doi.org/10.13089/JKIISC.2018.28.4.847

Rare Malware Classification Using Memory Augmented Neural Networks  

Kang, Min Chul (Graduate School of Information Security, Korea University)
Kim, Huy Kang (Graduate School of Information Security, Korea University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.28, no.4, 2018 , pp. 847-857 More about this Journal
Abstract
As the number of malicious code increases steeply, cyber attack victims targeting corporations, public institutions, financial institutions, hospitals are also increasing. Accordingly, academia and security industry are conducting various researches on malicious code detection. In recent years, there have been a lot of researches using machine learning techniques including deep learning. In the case of research using Convolutional Neural Network, ResNet, etc. for classification of malicious code, it can be confirmed that the performance improvement is higher than the existing classification method. However, one of the characteristics of the target attack is that it is custom malicious code that makes it operate only for a specific company, so it is not a form spreading widely to a large number of users. Since there are not many malicious codes of this kind, it is difficult to apply the previously studied machine learning or deep learning techniques. In this paper, we propose a method to classify malicious codes when the amount of samples is insufficient such as targeting type malicious code. As a result of the study, we confirmed that the accuracy of 97% can be achieved even with a small amount of data by applying the Memory Augmented Neural Networks model.
Keywords
Malware Classification; Visualization; Memory Augmented Neural Network;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 Symantec, "wannacry lazarus", https://www.symantec.com/connect/blogs/wannacry-ransomware-attacks-show-strong-links-lazarus-group, Apr. 2018.
2 Infosec, http://blog.skinfosec.com/221234742268, Apr. 2018.
3 Espoir K. Kamundala and Chang Hoon Kim, "CNN Model to Classify Malware Using Image Feature," KIISE Transactions on Computing Practices, 24(5), pp. 256-261, May. 2018.   DOI
4 Nataraj, L., and Manjunath, B. S., "SPAM: Signal Processing to Analyze Malware," IEEE Signal Process. Magazine, vol. 33, no. 2, pp. 105-117, Mar. 2016.   DOI
5 Agarap, A. F., and Pepito, F. J. H., "Towards Building an Intelligent Anti-Malware System: A Deep Learning Approach using Support Vector Machine(SVM) for Malware Classification," arXiv preprint arXiv:1801.00318, Dec. 2017.
6 Kosmidis, K., and Kalloniatis, C., "Machine Learning and Images for Malware Detection and Classification," Proceedings of the 21st Pan-Hellenic Conference on Informatics. no. 5, Sep. 2017.
7 Github, "Mal60 Dataset", http://github.com/pukekaka/mal60, Apr. 2018.
8 VirusTotal, "Virus Total", http://virustotal.com, Apr. 2018.
9 AV-Test, https://www.av-test.org/en/statistics/malware, Apr. 2018.
10 T. H. Park, "Cyber Threat Trends Quarterly Report," Korea Internet & Security Agency, pp. 39-57, July. 2017.
11 AhnLab Statistics, https://www.ahnlab.com/kr/site/securityinfo/statistics/security1.do, Apr. 2018.
12 Nataraj, L., Karthikeyan, S., Jacob, G., and Manjunath, B. S., "Malware images: visualization and automatic classification," Proceedings of the 8th international symposium on visualization for cyber security. no. 4, July. 2011.
13 Seonhee Seok and Howon Kim, "Visualized Malware Classification Based-on Convolutional Neural Network," Journal of the Korea Institute of Information Security & Cryptology, 26(1), pp. 197-208, Feb. 2016.   DOI
14 Gibert Llaurado, D., "Convolutional neural networks for malware classification," MS thesis. Universitat Politecnica de Catalunya, Oct. 2016.
15 Kaggle, "First Place Team: Say No to Overfitting, Winner of Microsoft Malware Classification Challenge (BIG 2015)", http://blog.kaggle.com/2015/05/26/microsoft-malware-winners-interview-1st-place-no-to-overfitting, Apr. 2018
16 Meng, X., Shan, Z., Liu, F., Zhao, B., Han, J., Wang, H., and Wang, J., "MCSMGS: Malware Classification Model Based on Deep Learning," Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC), 2017 International Conference IEEE, pp. 272-275, 2017.
17 Singh, A., "Malware Classification using Image Representation," Diss. INDIAN INSTITUTE OF TECHNOLOGY KANPUR, July. 2017.
18 K. Han, B. Kang, and E. G. Im, "Malware Analysis Using Visualized Image Matrices," The Scientific World Journal, vol. 2014, no. 7, pp. 1-15, 2014.
19 T. W. Lim, "A Study on Deep Learning based Malware Detection Using Executable File Visualization and Word2Vec," Sungkyunkwan University, Aug. 2017.
20 Huang, T. H. D., Yu, C. M., and Kao, H. Y., "R2-D2: ColoR-inspired Convolutional NeuRal Network (CNN)-based AndroiD Malware Detections," arXiv preprint arXiv:1705.04448, Dec. 2017.
21 Graves, A., Wayne, G., and Danihelka, "Neural turing machines," arXiv preprint arXiv:1410.5401, Dec. 2014.
22 Santoro, A., Bartunov, S., Botvinick, M., Wierstra, D., and Lillicrap, T., "Meta-learning with memory-augmented neural networks," International conference on machine learning, pp. 1842-1850, June. 2016.
23 Github, "Omniglot Dataset", https://github.com/brendenlake/omniglot, Apr. 2018.