An AI Approach to Malware Similarity Analysis: Mapping The Malware Genome With a Deep Neural Network

by Konstantin Berlin
Sept. 14, 2017 · www.blackhat.com · belen_caty

We developed a new approach to malware similarity detection. This approach not only significantly reduces the need for manual tuning of the similarity formula, but also allows for a significantly smaller deployment footprint and provides a significant increase in accuracy. Our family/similarity detection system is the first to use deep neural networks for code-sharing identification, automatically learning to see through adversary tradecraft and thereby staying up to date with adversary evolution. Using traditional string similarity features, our approach increased accuracy by 10%, from 65% to 75%. Using an advanced set of features that we specifically designed for malware classification, our approach has 98% accuracy. In this presentation we describe how our method works, why it is able to significantly improve upon current approaches, and how it can be easily adapted and tuned to the individual or organizational needs of attendees.

https://www.blackhat.com/us-16/briefings.html#an-ai-approach-to-malware-similarity-analysis-mappi...

Steven Ulm 2 months ago

Can't really get my head around this article. The idea might be good, but the way it is written makes it so hard to understand.
