CONFERENCE PROCEEDINGS
Advanced Search >
Home > Proceedings > Volume 10652 > Article
9 May 2018 Convolutional neural networks for functional classification of opcode sequences
Michael S. Lee
Author Affiliations +
Proceedings Volume 10652, Disruptive Technologies in Information Sciences; 106520R (2018) https://doi.org/10.1117/12.2302715
Event: SPIE Defense + Security, 2018, Orlando, Florida, United States
Abstract
Traditional malware detection is performed by pattern matching files against a database of known signatures. There are several limitations to this approach including zero-day attacks and encryption. We envision an alternative strategy whereby machine learning (ML) models are trained to classify malware on dynamically-derived CPU instruction streams. Many ML algorithms have the potential to recognize code fragments not explicitly seen before. Furthermore, the analysis of dynamic instruction streams (vs. static disassembly) potentially defeats encryption, as encrypted malware must decrypt itself before being operational. In this work, we begin to assess the viability of our vision by using convolution neural networks to classify the function of various types of small programs from their stream of CPU instructions. Intriguingly, we find that a model comprised of a few layers of convolutional filters performs on par with a shallow single-layer convolutional network.
Conference Presentation
© (2018) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Citation Download Citation
Michael S. Lee, Michael S. Lee, "Convolutional neural networks for functional classification of opcode sequences", Proc. SPIE 10652, Disruptive Technologies in Information Sciences, 106520R (9 May 2018); doi: 10.1117/12.2302715; https://doi.org/10.1117/12.2302715
ACCESS THE FULL ARTICLE
PERSONAL SIGN IN
Full access may be available with your subscription
 
Forgot your username?
Forgot your password?
No SPIE account? Create an account
or Institutional Sign In via Shibboleth
PURCHASE THIS CONTENT
SUBSCRIBE TO DIGITAL LIBRARY
50 downloads per 1-year subscription
Members: $195
Non-members: $335 ADD TO CART
25 downloads per 1 - year subscription
Members: $145
Non-members: $250 ADD TO CART
PURCHASE SINGLE ARTICLE
Includes PDF, HTML & Video, when available
Members: $14.40
Non-members: $18.00 ADD TO CART
PROCEEDINGS
 8 PAGES + PRESENTATION
DOWNLOAD PDF + SAVE TO MY LIBRARY
WATCH
PRESENTATION
SHARE
GET CITATION
< Previous Article
|
Next Article >
KEYWORDS
RELATED CONTENT
Subscribe to Digital Library
Receive Erratum Email Alert
Back to Top