DID YOU KNOW? DTIC has over 3.5 million final reports on DoD funded research, development, test, and evaluation activities available to our registered users. Click HERE
to register or log in.
Neural Networks For Malware Detection Using Static Analysis
Naval Postgraduate School Monterey United States
Pagination or Media Count:
Malware is software that enables adversaries to execute their goals by affecting their target devices confidentiality, integrity, or availability. Malware is constantly evolving and detection methods must find ways to detect the new variants. This research developed a new method of detecting malware using a neural-network architecture. The method is not signature-based, unlike most existing methods, and would aid in finding previously unseen malware. It analyzes software using three separate static-analysis methods to obtain a list of features, which when input into the neural network are used to classify the software as malware or not malware. The three methods were the binary-to-grayscale, statistical-N-grams, and dynamic-link-libraries. The binary-to-grayscale approach performed poorly. The other two strategies performed better, but had room for improvement statistical-N-grams and dynamic-link-libraries showed complementary results that suggest combining them would yield a more effective detection method.
APPROVED FOR PUBLIC RELEASE