Static Analysis for Malware Detection with Tensorflow and GPU

Jueun Jeon; Juho Kim; Sunyong Jeon; Sungmin Lee; Young Sik Jeong

doi:10.1007/978-981-15-9343-7_76

Static Analysis for Malware Detection with Tensorflow and GPU

Jueun Jeon, Juho Kim, Sunyong Jeon, Sungmin Lee, Young Sik Jeong

Dongguk University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

5 Scopus citations

Abstract

With the advent of malware generation toolkits that automatically generate malware, anyone without a professional skill can easily generate malware. As a result, the number of new/modified malware samples is rapidly increasing. The malware generated in this way attacks vulnerabilities, such as PCs and mobile devices without security patch, causing damages involving malicious actions, such as personal information leakage, theft of authorized certificates, and cryptocurrency mining. To solve this problem, most security companies use the signature-based malware detection technique to detect malware, in which the signatures of known malware and files suspected to be malware are compared before detecting malware. However, the signature-based malware detection technique has a limitation in that it is not efficient for detecting new/modified malware which is generated rapidly. Recently, research is underway to utilize deep learning technology for detecting new/modified malware. In this study, we propose a SAT scheme that can detect not only known malware but also new/modified malware more quickly and accurately, thereby reducing malware-induced damages to PCs and mobile devices. The SAT scheme employs an open source library called Tensorflow in the GPU environment to learn malware signatures and then to statically analyze malware.

Original language	English
Title of host publication	Advances in Computer Science and Ubiquitous Computing - CSA-CUTE 2019
Editors	James J. Park, Simon James Fong, Yi Pan, Yunsick Sung
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	537-546
Number of pages	10
ISBN (Print)	9789811593420
DOIs	https://doi.org/10.1007/978-981-15-9343-7_76
State	Published - 2021
Event	11th International Conference on Computer Science and its Applications, CSA 2019 and 14th KIPS International Conference on Ubiquitous Information Technologies and Applications, CUTE 2019 - Macao, China Duration: 18 Dec 2019 → 20 Dec 2019

Publication series

Name	Lecture Notes in Electrical Engineering
Volume	715
ISSN (Print)	1876-1100
ISSN (Electronic)	1876-1119

Conference

Conference	11th International Conference on Computer Science and its Applications, CSA 2019 and 14th KIPS International Conference on Ubiquitous Information Technologies and Applications, CUTE 2019
Country/Territory	China
City	Macao
Period	18/12/19 → 20/12/19

Keywords

Deep learning
Malware analysis
Malware detection
Signature
Static analysis

Access to Document

10.1007/978-981-15-9343-7_76

Cite this

Jeon, J., Kim, J., Jeon, S., Lee, S., & Jeong, Y. S. (2021). Static Analysis for Malware Detection with Tensorflow and GPU. In J. J. Park, S. J. Fong, Y. Pan, & Y. Sung (Eds.), Advances in Computer Science and Ubiquitous Computing - CSA-CUTE 2019 (pp. 537-546). (Lecture Notes in Electrical Engineering; Vol. 715). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-981-15-9343-7_76

@inproceedings{d1e65a8d70fc4ff9b4f9e314893d9551,

title = "Static Analysis for Malware Detection with Tensorflow and GPU",

abstract = "With the advent of malware generation toolkits that automatically generate malware, anyone without a professional skill can easily generate malware. As a result, the number of new/modified malware samples is rapidly increasing. The malware generated in this way attacks vulnerabilities, such as PCs and mobile devices without security patch, causing damages involving malicious actions, such as personal information leakage, theft of authorized certificates, and cryptocurrency mining. To solve this problem, most security companies use the signature-based malware detection technique to detect malware, in which the signatures of known malware and files suspected to be malware are compared before detecting malware. However, the signature-based malware detection technique has a limitation in that it is not efficient for detecting new/modified malware which is generated rapidly. Recently, research is underway to utilize deep learning technology for detecting new/modified malware. In this study, we propose a SAT scheme that can detect not only known malware but also new/modified malware more quickly and accurately, thereby reducing malware-induced damages to PCs and mobile devices. The SAT scheme employs an open source library called Tensorflow in the GPU environment to learn malware signatures and then to statically analyze malware.",

keywords = "Deep learning, Malware analysis, Malware detection, Signature, Static analysis",

author = "Jueun Jeon and Juho Kim and Sunyong Jeon and Sungmin Lee and Jeong, \{Young Sik\}",

note = "Publisher Copyright: {\textcopyright} 2021, Springer Nature Singapore Pte Ltd.; 11th International Conference on Computer Science and its Applications, CSA 2019 and 14th KIPS International Conference on Ubiquitous Information Technologies and Applications, CUTE 2019 ; Conference date: 18-12-2019 Through 20-12-2019",

year = "2021",

doi = "10.1007/978-981-15-9343-7\_76",

language = "English",

isbn = "9789811593420",

series = "Lecture Notes in Electrical Engineering",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "537--546",

editor = "Park, \{James J.\} and Fong, \{Simon James\} and Yi Pan and Yunsick Sung",

booktitle = "Advances in Computer Science and Ubiquitous Computing - CSA-CUTE 2019",

address = "Germany",

}

Jeon, J, Kim, J, Jeon, S, Lee, S & Jeong, YS 2021, Static Analysis for Malware Detection with Tensorflow and GPU. in JJ Park, SJ Fong, Y Pan & Y Sung (eds), Advances in Computer Science and Ubiquitous Computing - CSA-CUTE 2019. Lecture Notes in Electrical Engineering, vol. 715, Springer Science and Business Media Deutschland GmbH, pp. 537-546, 11th International Conference on Computer Science and its Applications, CSA 2019 and 14th KIPS International Conference on Ubiquitous Information Technologies and Applications, CUTE 2019, Macao, China, 18/12/19. https://doi.org/10.1007/978-981-15-9343-7_76

Static Analysis for Malware Detection with Tensorflow and GPU. / Jeon, Jueun; Kim, Juho; Jeon, Sunyong et al.
Advances in Computer Science and Ubiquitous Computing - CSA-CUTE 2019. ed. / James J. Park; Simon James Fong; Yi Pan; Yunsick Sung. Springer Science and Business Media Deutschland GmbH, 2021. p. 537-546 (Lecture Notes in Electrical Engineering; Vol. 715).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Static Analysis for Malware Detection with Tensorflow and GPU

AU - Jeon, Jueun

AU - Kim, Juho

AU - Jeon, Sunyong

AU - Lee, Sungmin

AU - Jeong, Young Sik

PY - 2021

Y1 - 2021

N2 - With the advent of malware generation toolkits that automatically generate malware, anyone without a professional skill can easily generate malware. As a result, the number of new/modified malware samples is rapidly increasing. The malware generated in this way attacks vulnerabilities, such as PCs and mobile devices without security patch, causing damages involving malicious actions, such as personal information leakage, theft of authorized certificates, and cryptocurrency mining. To solve this problem, most security companies use the signature-based malware detection technique to detect malware, in which the signatures of known malware and files suspected to be malware are compared before detecting malware. However, the signature-based malware detection technique has a limitation in that it is not efficient for detecting new/modified malware which is generated rapidly. Recently, research is underway to utilize deep learning technology for detecting new/modified malware. In this study, we propose a SAT scheme that can detect not only known malware but also new/modified malware more quickly and accurately, thereby reducing malware-induced damages to PCs and mobile devices. The SAT scheme employs an open source library called Tensorflow in the GPU environment to learn malware signatures and then to statically analyze malware.

AB - With the advent of malware generation toolkits that automatically generate malware, anyone without a professional skill can easily generate malware. As a result, the number of new/modified malware samples is rapidly increasing. The malware generated in this way attacks vulnerabilities, such as PCs and mobile devices without security patch, causing damages involving malicious actions, such as personal information leakage, theft of authorized certificates, and cryptocurrency mining. To solve this problem, most security companies use the signature-based malware detection technique to detect malware, in which the signatures of known malware and files suspected to be malware are compared before detecting malware. However, the signature-based malware detection technique has a limitation in that it is not efficient for detecting new/modified malware which is generated rapidly. Recently, research is underway to utilize deep learning technology for detecting new/modified malware. In this study, we propose a SAT scheme that can detect not only known malware but also new/modified malware more quickly and accurately, thereby reducing malware-induced damages to PCs and mobile devices. The SAT scheme employs an open source library called Tensorflow in the GPU environment to learn malware signatures and then to statically analyze malware.

KW - Deep learning

KW - Malware analysis

KW - Malware detection

KW - Signature

KW - Static analysis

UR - http://www.scopus.com/inward/record.url?scp=85101517135&partnerID=8YFLogxK

U2 - 10.1007/978-981-15-9343-7_76

DO - 10.1007/978-981-15-9343-7_76

M3 - Conference contribution

AN - SCOPUS:85101517135

SN - 9789811593420

T3 - Lecture Notes in Electrical Engineering

SP - 537

EP - 546

BT - Advances in Computer Science and Ubiquitous Computing - CSA-CUTE 2019

A2 - Park, James J.

A2 - Fong, Simon James

A2 - Pan, Yi

A2 - Sung, Yunsick

PB - Springer Science and Business Media Deutschland GmbH

T2 - 11th International Conference on Computer Science and its Applications, CSA 2019 and 14th KIPS International Conference on Ubiquitous Information Technologies and Applications, CUTE 2019

Y2 - 18 December 2019 through 20 December 2019

ER -

Static Analysis for Malware Detection with Tensorflow and GPU

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this