Microsoft & Intel Agree To Fight Malware

Microsoft and Intel have a novel approach to classifying malware with the means of visualising it. They’re collaborating on STAMINA (Static Malware-as-Image Network Analysis), a project that turns rogue code into grayscale images so that a deep learning system can study them. 

The approach converts the binary form of an input file into a simple stream of pixels, and turns that into a picture with dimensions that vary depending on aspects like file size.

A trained neural network then determines what, if anything, has infected the file.  “As malware variants continue to grow, traditional signature-matching techniques cannot keep up. We looked to applying deep-learning techniques to avoid costly feature engineering and used machine-learning techniques to learn and build classification systems that can effectively identify malware program binaries,” according to Intel researchers.

The researchers fed malware samples into a program that converts the data into grayscale images, using an approach called static malware-as-image network analysis (STAMINA). They then analyze the samples for structural patterns that can be used to distinguish between benign and malicious code, and then rank the malicious suspects into degree of threat. 

The study relied on earlier work by Intel on deep transfer learning for static malware classification. Static analysis permits malware detection without having to execute code or monitor runtime behavior.

Drawing on Microsoft’s massive dataset of malware code collected through its Defender security system, the researchers say they achieved “high accuracy” in detecting malware and “low false positives.”

With static analysis, most threats are detected before they are triggered.

The study consisted of three steps: image conversion, transfer learning, and evaluation. In a process that included pixel conversion and resizing, malware code drawn from 2.2 million infected files was converted into two-dimensional images. The next step used transfer learning to apply knowledge obtained about detected malware in one task to similarly structured unidentified code. The last step was evaluation.

The STAMINA program achieved an accuracy of more than 99 percent identifying and categorising malware samples, with a false positives rate of 2.6 percent.

With enough refinement, though, this could be very useful. Most malware detection relies on extracting binary signatures or fingerprints, but the sheer number of signatures makes that impractical. This could help anti-malware tools effectively keep up and reduce the chances of security threats.

TechXplore:      EndGadget:       ZDNet:         I-HLS

You Might Also Read:   

Beware The Latest  Malware:

Top Cyber Threats For Business In 2020:

 

 

 

« Use A VPN To Protect Your Data & Devices
Hackers Will Publish President Trump's Secret Data »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Pluralsight

Pluralsight

Pluralsight helps enterprises build technology skills at scale with expert-authored courses on today’s most important technologies including information and cyber security.

Ixia

Ixia

Ixia provides testing, visibility, and security solutions to strengthen applications across physical and virtual networks.

OpenSphere

OpenSphere

OpenSphere is an IT company providing security consultancy, information system risk management and security management services.

Lacework

Lacework

Lacework brings speed, scale, and automation to cloud security and allows security and DevOps teams to collaborate on keeping data and applications safe.

Samoby

Samoby

Samoby provide a subscription solution for Mobile Threat Protection and usage control on Android and iOS devices.

ITRenew

ITRenew

ITRenew is a leading global IT lifecycle management solutions company, specializing in onsite data center decommissioning and data erasure services.

Quantstamp

Quantstamp

Quantstamp are experts in Smart Contract Security Audits. We provide verification that your decentralized system works as intended.

OurCrowd

OurCrowd

OurCrowd is a leading equity crowdfunding platform for investing in global startups.

TrueFort

TrueFort

TrueFort take an application-first approach that offers comprehensive protection for real-time visibility and analysis, protection and better communication across business, IT, and security teams.

Cisco Networking Academy

Cisco Networking Academy

Cisco Networking Academy is the world's largest classroom, bringing technology education, 21st-century skills, and improved jobs prospects since 1997.

Intaso

Intaso

Intaso are a boutique head hunting and talent solution firm with specialist Cyber and Information Security expertise.

Distology

Distology

Distology are an award-winning cloud security distributor bringing a wealth of experience and strong relationships with a huge breadth of partners covering the UK, Ireland and Benelux.

Josef Ressel Centre for Intelligent & Secure Industrial Automation

Josef Ressel Centre for Intelligent & Secure Industrial Automation

The Josef Ressel Centre for Intelligent and Secure Industrial Automation investigates the fundamentals of digital assistants for industrial machines that enable intelligent and secure operation.

Acronis

Acronis

At Acronis, we protect the data, applications, systems and productivity of every organization – safeguarding them against cyberattacks, hardware failures, natural disasters and human errors.

ADNET Technologies

ADNET Technologies

ADNET Technologies is a SOC 2, Type II Compliant IT management and cybersecurity firm.

NetDescribe

NetDescribe

NetDescribe, part of Xantaro Group, advises and supports companies in building secure and stable IT environments.