Microsoft & Intel Agree To Fight Malware

Uploaded on 2020-05-18 in FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Microsoft and Intel have a novel approach to classifying malware with the means of visualising it. They’re collaborating on STAMINA (Static Malware-as-Image Network Analysis), a project that turns rogue code into grayscale images so that a deep learning system can study them. 

The approach converts the binary form of an input file into a simple stream of pixels, and turns that into a picture with dimensions that vary depending on aspects like file size.

A trained neural network then determines what, if anything, has infected the file.  “As malware variants continue to grow, traditional signature-matching techniques cannot keep up. We looked to applying deep-learning techniques to avoid costly feature engineering and used machine-learning techniques to learn and build classification systems that can effectively identify malware program binaries,” according to Intel researchers.

The researchers fed malware samples into a program that converts the data into grayscale images, using an approach called static malware-as-image network analysis (STAMINA). They then analyze the samples for structural patterns that can be used to distinguish between benign and malicious code, and then rank the malicious suspects into degree of threat. 

The study relied on earlier work by Intel on deep transfer learning for static malware classification. Static analysis permits malware detection without having to execute code or monitor runtime behavior.

Drawing on Microsoft’s massive dataset of malware code collected through its Defender security system, the researchers say they achieved “high accuracy” in detecting malware and “low false positives.”

With static analysis, most threats are detected before they are triggered.

The study consisted of three steps: image conversion, transfer learning, and evaluation. In a process that included pixel conversion and resizing, malware code drawn from 2.2 million infected files was converted into two-dimensional images. The next step used transfer learning to apply knowledge obtained about detected malware in one task to similarly structured unidentified code. The last step was evaluation.

The STAMINA program achieved an accuracy of more than 99 percent identifying and categorising malware samples, with a false positives rate of 2.6 percent.

With enough refinement, though, this could be very useful. Most malware detection relies on extracting binary signatures or fingerprints, but the sheer number of signatures makes that impractical. This could help anti-malware tools effectively keep up and reduce the chances of security threats.

TechXplore:      EndGadget:       ZDNet:         I-HLS

You Might Also Read:   

Beware The Latest  Malware:

Top Cyber Threats For Business In 2020:

 

 

 

« Use A VPN To Protect Your Data & Devices
Hackers Will Publish President Trump's Secret Data »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BCS, The chartered Institute for IT

BCS, The chartered Institute for IT

BCS provides IT professionals with up to date and relevant certifications enabling them to manage IT security effectively within their budget.

CyberSecurityJobsite.com

CyberSecurityJobsite.com

CyberSecurityJobsite.com is a specialist job board designed to attract candidates working within Cyber Security, Information Security or Information Assurance.

CERT Bulgaria (CERT.BG)

CERT Bulgaria (CERT.BG)

CERT Bulfaria is the National Computer Security Incidents Response Team for Bulgaria.

Advanced Software Products Group (ASPG)

Advanced Software Products Group (ASPG)

ASPG offers a wide range of innovative mainframe software solutions for Data Security, Access Management, System Management and CICS productivity.

ThreatSTOP

ThreatSTOP

ThreatSTOP is a cloud-based automated threat intelligence platform that converts the latest threat data into enforcement policies to stop attacks before they become breaches.

Department of Energy - Cybersecurity, Energy Security, and Emergency Response (CESER)

Department of Energy - Cybersecurity, Energy Security, and Emergency Response (CESER)

The Office of Cybersecurity, Energy Security, and Emergency Response (CESER) addresses the emerging threats of tomorrow while protecting the reliable flow of energy to Americans today.

Metro Systems

Metro Systems

Metro Systems offer fully integrated IT solutions & services covering Digital Transformation, Digital Infrastructure, Cyber Security and Training.

SkillCube

SkillCube

SkillCube is one of the pioneers in India focusing on Cyber Security Skill Development Solutions.

Malleum

Malleum

MALLEUM are specialists in penetration testing and security assessments. We think like hackers – and act like them – to disclose discreet dangers to your organization.

Palitronica

Palitronica

Palitronica build cutting-edge hardware and breakthrough software that revolutionizes how we defend critical infrastructure and key resources.

GoPlus Security

GoPlus Security

GoPlus is working as the "security infrastructure" for web3, by providing open, permissionless, user-driven Security Services.

Anametric

Anametric

Anametric is developing new technologies and devices for chip scale quantum photonics, with a focus on cybersecurity.

GoTo

GoTo

At GoTo we help people and businesses to connect and collaborate simply and securely – from anywhere. We’re the trusted partner for companies of all sizes.

Heartland Business Systems (HBS)

Heartland Business Systems (HBS)

Heartland Business Systems serves commercial, public sector and small to medium business with results-driven and dedicated information technology services.

Disecto Technologies

Disecto Technologies

At Disecto, we provide SaaS based Data Discovery, Classification and a remediation solution for data privacy compliance.

DNSFilter

DNSFilter

DNSFilter is the most accurate threat detection and content filtering tool on the market today.

Secure Cyber Management

Secure Cyber Management

Secure Cyber Management provides industry-leading cloud security advice, guidance and services.