Deep learning for Malware Analysis

Activity: Talk or presentation typesOral presentation


In this talk, we will introduce the potential of deep learning, as one of the most powerful and trendy machine learning, for malware analysis. Specifically, we propose a novel android malware detection system that uses a deep convolutional neural network (CNN). Malware classification is performed based on static analysis of the raw opcode sequence from a disassembled program. Features indicative of malware are automatically learned by the network from the raw opcode sequence thus removing the need for hand-engineered malware features. The training pipeline of our proposed system is much simpler than existing n-gram based malware detection methods, as the network is trained end-to-end to jointly learn appropriate features and to perform classification, thus removing the need to explicitly enumerate millions of n-grams during training. The network design also allows the use of long n-gram like features, not computationally feasible with existing methods. Once trained, the network can be efficiently executed on a GPU, allowing a very large number of files to be scanned quickly.

Period07 Feb 2019
Event titleLORCA Academic Masterclasses
Event typeOther
Degree of RecognitionNational