Using convolutional neural networks for classification of malware represented as images

Malicious files belonging to the same family, with the same malicious behavior, are constantly modified or obfuscated using several techniques, in such a way that they look like different files (different hash).

In this paper, malicious software is visualized as gray scale images since its ability to capture minor changes while retaining the global structure helps to detect variations. Motivated by the visual similarity between malware samples of the same family, we propose a deep learning approach for malware categorization to efficiently group malicious software into families based on a set of discriminant patterns extracted from their visualization as images.

Recommended citation: Daniel Gibert, Carles Mateu, Jordi Planes. (2019). "Using convolutional neural networks for classification of malware represented as images." Journal of Computer Virology and Hacking Techniques.
Download Paper