Security News > 2020 > May > Microsoft, Intel Introduce 'STAMINA' Approach to Malware Detection
Microsoft and Intel have been working together on a new approach to malware detection that involves deep learning and the representation of malware as images.
Referred to as STAtic Malware-as-Image Network Analysis, the research leverages Intel's previous work on static malware classification through deep transfer learning and applies it to a real-world dataset from Microsoft to determine its practical value.
The approach is based on the inspection of malware binaries plotted as grayscale images, which has revealed that there are textural and structural similarities between binaries from the same malware families, and differences between different families or between malware and benign software.
In their whitepaper on STAMINA, researchers from Intel and Microsoft argue that the classic malware detection approach that relies on signature matching is becoming less straightforward due to the rapid increase in signatures, while static and dynamic approaches might not be accurate or time-efficient.
During the evaluation step, the researchers look at the accuracy of their method, "False positive rate, precision, recall, F1 score, and area under the receiver operating curve." The study was performed on a Microsoft dataset that included 2.2 million malware binary hashes, along with 10 columns of data information.
News URL
Related news
- New Microsoft script updates Windows media with bootkit malware fixes (source)
- Microsoft says attackers use exposed ASP.NET keys to deploy malware (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- Microsoft spots XCSSET macOS malware variant used for crypto theft (source)
- Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics (source)