Malware classification based on binary visualization of samples

Document Type : Original Article

Authors

1 Babol Noshirvani University of Technology

2 Faculty of Electrical and Computer Engineering/ Babol Noshirvani University of Technology/Babol/Iran

Abstract

Malware is one of the constant challenges of the modern world and is particularly important because of the harm it causes to users. Over the last decade, malware has increased greatly in both number and complexity, to the point that current security tools and methods are not able to defend against it. Visualizing the binary content of malware and searching for malicious elements among suspicious image patterns is one of the new methods that have achieved high progress and efficiency in the last decade thanks to deep learning algorithms. This research combines various ideas from the field of malware image analysis to present a suitable algorithm for classifying malware into their corresponding families. The proposed algorithm visualizes the binary content of the malware executable file, applies the GIST descriptor, and classifies the extracted features with an SVM classifier. Using traditional machine learning methods, it achieves the same results as previous research, with average classification accuracy of 99.72% and 99.16% on the Malimg and Microsoft datasets, respectively.
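The following Python example is added here to illustrate the visualization step the abstract describes; it is not code from the paper. The width table, the 4x4 block-mean vector (a stand-in for the pooling stage of a GIST descriptor, not GIST itself), all function names, and the sample bytes are assumptions, since the abstract specifies none of them.

```python
import math

# Assumption: file-size-to-width table (KiB upper bound, pixels per row) as
# commonly used in the malware-image literature; the abstract gives no widths.
WIDTH_TABLE = [(10, 32), (30, 64), (60, 128), (100, 256),
               (200, 384), (500, 512), (1000, 768)]

def image_width(n_bytes):
    kib = n_bytes / 1024
    for limit, width in WIDTH_TABLE:
        if kib < limit:
            return width
    return 1024

def bytes_to_image(data):
    """Lay bytes out row by row; each byte becomes one 0-255 grayscale pixel."""
    if not data:
        raise ValueError("empty sample")
    width = image_width(len(data))
    height = math.ceil(len(data) / width)
    padded = data + bytes(width * height - len(data))  # zero-pad the last row
    return [list(padded[r * width:(r + 1) * width]) for r in range(height)]

def block_means(img, grid=4):
    """Fixed-length vector: mean intensity of each cell of a grid x grid
    partition (requires grid <= image width). Not the GIST descriptor."""
    h, w = len(img), len(img[0])
    feats = []
    for gy in range(grid):
        y0 = gy * h // grid
        y1 = max((gy + 1) * h // grid, y0 + 1)  # at least one row per cell
        for gx in range(grid):
            x0, x1 = gx * w // grid, (gx + 1) * w // grid
            cell = [img[y][x] for y in range(y0, y1) for x in range(x0, x1)]
            feats.append(sum(cell) / len(cell))
    return feats

def to_pgm(img):
    """Serialize as binary PGM (P5) so the image can be opened in a viewer."""
    header = f"P5\n{len(img[0])} {len(img)}\n255\n".encode()
    return header + bytes(p for row in img for p in row)

def constructed_sample():
    # Constructed input, not a real binary: three regions with distinct texture.
    return bytes(2048) + bytes(range(256)) * 8 + b"\xff" * 2048
```

Vectors of this fixed length, one per sample, are what a classifier such as an SVM would be trained on.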


Volume 12, Issue 3 - Serial Number 47
Number 47, Autumn 2024
November 2024
  • Receive Date: 18 June 2024
  • Revise Date: 25 August 2024
  • Accept Date: 30 September 2024
  • Publish Date: 22 October 2024