Platform-Independent Malware Analysis Applicable to Windows and Linux Environments

Cited by: 14
Authors
Hwang, Chanwoong [1]
Hwang, Junho [1]
Kwak, Jin [2]
Lee, Taejin [1]
Affiliations
[1] Hoseo Univ, Dept Informat Secur, Asan 31499, South Korea
[2] Ajou Univ, Dept Cyber Secur, Suwon 16499, South Korea
Funding
National Research Foundation of Singapore;
Keywords
malware analysis; binary analysis; strings analysis; deep neural network; feature importance;
DOI
10.3390/electronics9050793
Chinese Library Classification number
TP [Automation Technology, Computer Technology];
Discipline classification code
0812;
Abstract
Most cyberattacks use malicious codes, and according to AV-TEST, more than 1 billion malicious codes are expected to emerge in 2020. Although such malicious codes have been widely seen around the PC environment, they have been on the rise recently, focusing on IoT devices such as smartphones, refrigerators, irons, and various sensors. As is known, Linux/embedded environments support various architectures, so it is difficult to identify the architecture in which malware operates when analyzing malware. This paper proposes an AI-based malware analysis technology that is not affected by the operating system or architecture platform. The proposed technology works intuitively. It uses platform-independent binary data rather than features based on the structured format of the executable files. We analyzed the strings from binary data to classify malware. The experimental results achieved 94% accuracy on Windows and Linux datasets. Based on this, we expect the proposed technology to work effectively on other platforms and improve through continuous operation/verification.
Pages: 18