Convolutional neural networks for classification of malware assembly code

Published in CCIA, 2017

Traditional signature-based methods are starting to become inadequate against next-generation malware, which uses obfuscation techniques (polymorphic and metamorphic) to evade detection. Recent research efforts have applied machine learning techniques to malware detection and classification. Even so, most methods are built on shallow learning architectures and rely on the extraction of hand-crafted features.

In this paper, based on assembly language code extracted from disassembled binary files and embedded into vectors, we present a convolutional neural network architecture to learn a set of discriminative opcode patterns able to cluster malware files amongst families.

CCIA_2017_poster.pdf

Recommended citation: Daniel Gibert, Carles Mateu, Jordi Planes, Daniel Solis, Ramon Vicens (2017). "Convolutional neural networks for classification of malware assembly code." CCIA 2017.