Microsoft & Intel Agree To Fight Malware

Uploaded on 2020-05-18 in FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Microsoft and Intel have a novel approach to classifying malware with the means of visualising it. They’re collaborating on STAMINA (Static Malware-as-Image Network Analysis), a project that turns rogue code into grayscale images so that a deep learning system can study them. 

The approach converts the binary form of an input file into a simple stream of pixels, and turns that into a picture with dimensions that vary depending on aspects like file size.

A trained neural network then determines what, if anything, has infected the file.  “As malware variants continue to grow, traditional signature-matching techniques cannot keep up. We looked to applying deep-learning techniques to avoid costly feature engineering and used machine-learning techniques to learn and build classification systems that can effectively identify malware program binaries,” according to Intel researchers.

The researchers fed malware samples into a program that converts the data into grayscale images, using an approach called static malware-as-image network analysis (STAMINA). They then analyze the samples for structural patterns that can be used to distinguish between benign and malicious code, and then rank the malicious suspects into degree of threat. 

The study relied on earlier work by Intel on deep transfer learning for static malware classification. Static analysis permits malware detection without having to execute code or monitor runtime behavior.

Drawing on Microsoft’s massive dataset of malware code collected through its Defender security system, the researchers say they achieved “high accuracy” in detecting malware and “low false positives.”

With static analysis, most threats are detected before they are triggered.

The study consisted of three steps: image conversion, transfer learning, and evaluation. In a process that included pixel conversion and resizing, malware code drawn from 2.2 million infected files was converted into two-dimensional images. The next step used transfer learning to apply knowledge obtained about detected malware in one task to similarly structured unidentified code. The last step was evaluation.

The STAMINA program achieved an accuracy of more than 99 percent identifying and categorising malware samples, with a false positives rate of 2.6 percent.

With enough refinement, though, this could be very useful. Most malware detection relies on extracting binary signatures or fingerprints, but the sheer number of signatures makes that impractical. This could help anti-malware tools effectively keep up and reduce the chances of security threats.

TechXplore:      EndGadget:       ZDNet:         I-HLS

You Might Also Read:   

Beware The Latest  Malware:

Top Cyber Threats For Business In 2020:

 

 

 

« Use A VPN To Protect Your Data & Devices
Hackers Will Publish President Trump's Secret Data »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Ambersail

Ambersail

Ambersail provide Penetration Testing and Cyber Security Compliance services.

Logically Secure

Logically Secure

Logically Secure provide penetration testing and security assessment services.

Morphisec

Morphisec

Morphisec's world leading prevention-first software stops ransomware and other advanced attacks from endpoint to the cloud.

Information-Technology Promotion Agency (IPA) - Japan

Information-Technology Promotion Agency (IPA) - Japan

IPA is an implementing agency in Japan with a role to address Information Security, IT Systems Reliability and IT Resource Development.

Entreda

Entreda

Entreda offers a unified platform to automate cybersecurity and compliance policy enforcement for your devices, users, networks, applications.

Wireless Logic

Wireless Logic

Wireless Logic delivers a range of secure and resilient value-added M2M/IoT managed services that empower remote devices to communicate cost-effectively, two ways.

TES

TES

TES is a provider of IT Lifecycle Services, offering bespoke solutions that help customers manage the commissioning, deployment and retirement of Information Technology assets.

Healthcare Fraud Shield (HCFS)

Healthcare Fraud Shield (HCFS)

The focus of Healthcare Fraud Shield is solely on healthcare fraud prevention and payment integrity with a successful approach based on many unique advantages we deliver to our clients.

Privacyware

Privacyware

Privacyware's ThreatSentry combines a state-of-the-art Web Application Firewall and port-level firewall with advanced behavioral filtering to block unwanted IIS traffic and web application threats.

Hive

Hive

Hive is a leading provider of cloud-based AI solutions to understand, search, and generate content, and is trusted by hundreds of the world's largest and most innovative organizations.

Silobreaker

Silobreaker

Silobreaker is a SaaS platform that enables threat intelligence teams to produce high-quality and relevant intelligence at a faster pace.

Runecast Solutions

Runecast Solutions

Runecast Solutions is a global leader in AI-powered risk mitigation, security, continuous compliance and more efficient IT operations management.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Infrassist Technologies

Infrassist Technologies

We're Infrassist - a trusted white label Managed IT & Professional Services partner for MSP businesses.

Uninets

Uninets

UniNets mission is to provide IT professionals with high-quality, accessible, and relevant e-learning courses that enable them to stay ahead of the curve in their industry.

Operant AI

Operant AI

Operant AI is the only Runtime AI Application Defense Platform that actively protects every layer of live cloud and AI applications from infra to APIs.