The modern-day Cyber field continues to be plagued with innumerable forms of malware that are created on a massive scale. The ever-changing nature of malware threats combined with the obfuscation techniques used by attackers creates the need for effective methods of malware classification. As of 2018, an average of one million new forms of malware are created world-wide each day, which raises the question of how to combat these attacks. While most antiviruses scan the integrity and composition of files in the system, we propose a new approach to Cyber Defense. As a replacement for standard file scans, we advocate the conversion of the malware binary into a grayscale image for classification and visualization. As discovered by previous research, different types of malware families tend to display similar characteristics and binary patterns between the various malware files in each family. Since there are similarities between the various files of malware in each family, the idea arose to augment these groups with synthetic data generated from a Generative Adversarial Network (GAN). The idea of a constant stream of generated malware leads to the hypothesis that by adding synthetic data based on each family to each family the images are generated from will create a higher learning rate from the Deep Convolutional Neural Network (DCNN). Various architectures of the DCNN will be used as assessments that benchmark each architectures’ learning rate before and after the augmentation.

Date Published: 3 June 2019
PDF: 6 pages
Proc. SPIE 11013, Disruptive Technologies in Information Sciences II, 110130X (3 June 2019); doi: 10.1117/12.2533344

Published in SPIE Proceedings Vol. 11013:
Disruptive Technologies in Information Sciences II
Misty Blowers; Russell D. Hall; Venkateswara R. Dasari, Editor(s)