Malware will soon be detectable as image: Microsoft and Intel Initiative

CIOReviewIndia Team | Tuesday, 12 May 2020, 11:42 IST

Malware will soon be detectable as image: Microsoft and Intel Initiativ

Experts at Intel and Microsoft have jointly started working on the study of deep learning for the purpose of malware threat detection that will have the capability to convert malware into images for better threat detection.

The study for this software is based on the very observation, that it will be really effective to detect whether the malware is benign or malicious if textual and structural patterns are put into use and convert any kind of malware into images for seamless detection, as was expressed by Microsoft.

The experts studying this have used an approach that they have termed static malware-as-image network analysis (STAMINA), as was said by Jugal Parikh and Marc Marino from Microsoft Threat Protection Intelligence Team.

In order to achieve the fair bit of success with the software, both the organizations first converted the malware’s programming into a one-dimensional stream of digital pixels. As their study explains, each and every byte in the malware’s coding can be visualized in order to correspond to different levels of pixel intensity.  

To establish the success of the practicality of the STAMINA software approach, which claims that malware can be categorized at scale by implementing static analysis on the coding for malware represented as images. The research has covered three main steps: image conversion, transfer learning, and evaluation.

The studies were done on a dataset of 2.2 million PE file hashes that were provided by Microsoft. This dataset was temporally split into 60:20:20 segments for training, validation, and test sets, respectively. This joint research by Microsoft and Intel encourages the use of deep transfer learning for the purpose of malware classification.

Further, in order to execute this, malware binaries were converted into two-dimensional images that involved pixel conversion, reshaping and resizing. Every byte was given a specific value between 0 and 255,  that corresponds to the pixel intensity. After that, the file size was used in order to determine the width and height of an image, transforming it into a two-dimensional picture.

Don't Miss ( 1-5 of 25 )