Accession Number:

AD1073631

Title:

Neural Networks For Malware Detection Using Static Analysis

Descriptive Note:

Technical Report

Corporate Author:

Naval Postgraduate School Monterey United States

Personal Author(s):

• Kalinowski,Pawel

Report Date:

2019-03-01

Pagination or Media Count:

67.0

Abstract:

Malware is software that enables adversaries to execute their goals by affecting their target devices confidentiality, integrity, or availability. Malware is constantly evolving and detection methods must find ways to detect the new variants. This research developed a new method of detecting malware using a neural-network architecture. The method is not signature-based, unlike most existing methods, and would aid in finding previously unseen malware. It analyzes software using three separate static-analysis methods to obtain a list of features, which when input into the neural network are used to classify the software as malware or not malware. The three methods were the binary-to-grayscale, statistical-N-grams, and dynamic-link-libraries. The binary-to-grayscale approach performed poorly. The other two strategies performed better, but had room for improvement statistical-N-grams and dynamic-link-libraries showed complementary results that suggest combining them would yield a more effective detection method.

Descriptors:

• malware
• detection
• classification
• neural networks
• computer programs
• theses

Subject Categories:

• Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE