Graphic Content Ahead: Towards Automated Scalable Analysis of Graphical Images Embedded in Malware

by Alex Long
Sept. 18, 2017 1 comment Black Hat belen_caty

While automated approaches to static and dynamic malware analysis are key pieces of todays malware analysis pipeline, little attention has been focused on the automated analysis of the images commonly embedded in malware files, such as desktop icons and GUI button skins. This leaves a blind spot in current malware triage approaches because automated image analysis could help to quickly reveal how new malware tricks users and could inform the question of whether malware samples came from known adversaries (samples with near-duplicate rare images may have come from the same attacker). Therefore, to further the application of image analysis techniques to the automated analysis of malware images, in our presentation we will describe our efforts to solve two related problems: the problem of identifying malware samples with visually similar image sets in a scalable fashion, and the problem of quickly classifying malware images into topical categories.

Steven Ulm 9 months, 1 week ago

Dynamic malware analysis is currently avoided too much in terms of cyber security... presentations like these are quite awakening.