Microsoft & Intel Agree To Fight Malware

Uploaded on 2020-05-18 in FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Microsoft and Intel have a novel approach to classifying malware with the means of visualising it. They’re collaborating on STAMINA (Static Malware-as-Image Network Analysis), a project that turns rogue code into grayscale images so that a deep learning system can study them. 

The approach converts the binary form of an input file into a simple stream of pixels, and turns that into a picture with dimensions that vary depending on aspects like file size.

A trained neural network then determines what, if anything, has infected the file.  “As malware variants continue to grow, traditional signature-matching techniques cannot keep up. We looked to applying deep-learning techniques to avoid costly feature engineering and used machine-learning techniques to learn and build classification systems that can effectively identify malware program binaries,” according to Intel researchers.

The researchers fed malware samples into a program that converts the data into grayscale images, using an approach called static malware-as-image network analysis (STAMINA). They then analyze the samples for structural patterns that can be used to distinguish between benign and malicious code, and then rank the malicious suspects into degree of threat. 

The study relied on earlier work by Intel on deep transfer learning for static malware classification. Static analysis permits malware detection without having to execute code or monitor runtime behavior.

Drawing on Microsoft’s massive dataset of malware code collected through its Defender security system, the researchers say they achieved “high accuracy” in detecting malware and “low false positives.”

With static analysis, most threats are detected before they are triggered.

The study consisted of three steps: image conversion, transfer learning, and evaluation. In a process that included pixel conversion and resizing, malware code drawn from 2.2 million infected files was converted into two-dimensional images. The next step used transfer learning to apply knowledge obtained about detected malware in one task to similarly structured unidentified code. The last step was evaluation.

The STAMINA program achieved an accuracy of more than 99 percent identifying and categorising malware samples, with a false positives rate of 2.6 percent.

With enough refinement, though, this could be very useful. Most malware detection relies on extracting binary signatures or fingerprints, but the sheer number of signatures makes that impractical. This could help anti-malware tools effectively keep up and reduce the chances of security threats.

TechXplore:      EndGadget:       ZDNet:         I-HLS

You Might Also Read:   

Beware The Latest  Malware:

Top Cyber Threats For Business In 2020:

 

 

 

« Use A VPN To Protect Your Data & Devices
Hackers Will Publish President Trump's Secret Data »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Virtustream

Virtustream

The Virtustream Enterprise Class Cloud provides a secure, highly available, Infrastructure as a Service (IaaS) to enterprises and government customers.

StrongKey

StrongKey

StrongKey (formerly StrongAuth) is a leader in Enterprise Key Management Infrastructure, bringing new levels of capability and data security at a price point significantly lower than other solutions.

Security University

Security University

Security University is a leading provider of Qualified Hands-On Cybersecurity Education, Information Assurance Training and Certifications for IT and Security Professionals.

DataProtect

DataProtect

DataProtect is a specialized information security company providing consultancy, information management, integration and training services.

Tempest

Tempest

TEMPEST is a leading provider of IT products and services including solutions for network and application security.

TUV Rheinland Group

TUV Rheinland Group

TUV Rheinland Group is a testing services company with nearly 145 years of technological experience. We help you to protect your systems comprehensively, proactively and permanently.

Purple Security

Purple Security

Purple Security arises from the association of specialists in offensive security (ethical hackers, white hats) and experts in insurance, compliance and implementation of industry standards.

Blueskytec (BST)

Blueskytec (BST)

Blueskytec has applied its experience of over three decades of working in the field of embedded systems and encryption to provide a scalable and appropriate technology for cyber-physical devices.

X-Ways Software Technology

X-Ways Software Technology

X-Ways provide software for computer forensics, electronic discovery, data recovery, low-level data processing, and IT security.

JobStreet.com

JobStreet.com

JobStreet is one of Asia’s leading online employment marketplaces in Malaysia, Philippines, Singapore, Indonesia and Vietnam.

KnectIQ

KnectIQ

Building Trust Environments in a Zero-Trust World. KnectIQ offers KIQAssure, an Ultra High Security Solution for Data in Flight.

Dig Security

Dig Security

Dig Security offers the first data detection and response (DDR) solution, providing real-time visibility, control and protection of your data assets across any cloud.

Capgemini

Capgemini

Capgemini is one of the world's foremost providers of consulting, technology and outsourcing services. Areas of expertise include Cybersecurity.

Hawk AI

Hawk AI

Hawk AI’s mission is to help financial institutions detect financial crime more effectively and efficiently using AI to enhance rules and find anomalies.

NetRise

NetRise

NetRise was founded as a direct result of the many shortcomings currently in the device security market, specifically targeting the firmware of devices.

Validia

Validia

Validia is a deepfake cybersecurity service that provides proactive and reactive defense to the deepfake threat enterprises increasingly face with the rapid growth of generative AI.