September 23, 2021

Malware Analysis with Artificial Intelligence and a Particular Attention on Results Interpretability. (arXiv:2107.11100v1 [cs.CR])

Malware detection and analysis have been active research subjects in
cybersecurity in recent years. Indeed, the development of obfuscation
techniques, such as packing, requires special attention to detect recent
variants of malware. The usual detection methods do not necessarily provide
tools to interpret the results. Therefore, we propose a model based on the
transformation of binary files into grayscale images, which achieves an accuracy
rate of 88%. Furthermore, the proposed model can determine if a sample is
packed or encrypted with a precision of 85%. It allows us to analyze results
and act appropriately. Also, by applying attention mechanisms to detection
models, we can identify which part of the files looks suspicious. This kind of
tool should be very useful for data analysts: it compensates for the lack of
interpretability of the common detection models, and it can help to understand
why some malicious files are undetected.
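
The byte-to-grayscale transformation the abstract refers to, sketched as an added example (not code from the paper or its authors). The fixed row width of 16, the zero padding of the last row and the PGM output format are assumptions made here, and the sample bytes are constructed.

```python
import math

def bytes_to_grayscale(data: bytes, width: int = 16, pad: int = 0) -> list[list[int]]:
    """Map each byte (0-255) to one pixel intensity, row-major, at a fixed width.

    The last row is padded with `pad` so the image is rectangular (assumption:
    the abstract does not state how the paper sizes or pads its images).
    """
    if width <= 0:
        raise ValueError("width must be positive")
    if not data:
        return []
    height = math.ceil(len(data) / width)
    padded = data + bytes([pad]) * (height * width - len(data))
    return [list(padded[r * width:(r + 1) * width]) for r in range(height)]

def to_pgm(rows: list[list[int]]) -> bytes:
    """Serialize the pixel rows as a binary PGM (P5) image for visual inspection."""
    if not rows:
        raise ValueError("empty image")
    height, width = len(rows), len(rows[0])
    header = f"P5\n{width} {height}\n255\n".encode("ascii")
    return header + b"".join(bytes(row) for row in rows)

def file_to_pgm(src_path: str, dst_path: str, width: int = 16) -> None:
    """Read a file as raw bytes (it is never executed) and write its image."""
    with open(src_path, "rb") as fh:
        rows = bytes_to_grayscale(fh.read(), width)
    with open(dst_path, "wb") as out:
        out.write(to_pgm(rows))

# Constructed sample: a two-byte "MZ" marker, a zero-filled region, a ramp of
# increasing values and a short run of 0xFF. Not taken from any real binary.
SAMPLE = b"MZ" + bytes(30) + bytes(range(200, 216)) + b"\xff" * 5
IMAGE = bytes_to_grayscale(SAMPLE, width=16)

if __name__ == "__main__":
    for row in IMAGE:
        # Crude text rendering: darker glyphs for low bytes, brighter for high.
        print("".join(" .:-=+*#%@"[v * 10 // 256] for v in row))
```

Each row of the output corresponds to 16 consecutive bytes of the file, so a region the model flags in the image maps directly back to a file offset.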