File download information...
Then we index malware images from the target malware dataset using a randomized index designed to quickly approximate Hamming distance between stored vectors. Finally, we compute pairwise distances between malware samples' image sets to identify malware samples that share visually similar images (even if these images' contrasts, scales, or color schemes are different). Additionally, we have built a force-directed, graph-based visualization to display our results to end users, which colleagues within our organization have found useful in practice. In our presentation, we will provide a detailed account of our approach and describe an evaluation we performed, which demonstrates that our approach operates at deployable levels of speed and accuracy.

The second component of our research focuses on classifying malware images into topical categories. To perform classification in a scalable and automated fashion, the approach we have developed dynamically obtains labeled training examples using the Google Image Search API based on user-defined queries (for example, a query for retrieving examples of anti-virus icons could be "anti-virus desktop icon"). Using the resulting labeled image data, we have trained and compared a number of image classifiers. To evaluate these classifiers, we hand-labeled malware images with their correct class and computed confusion matrices for more than a dozen classes of malware images (for example, "fake anti-virus", "fake web browser", etc.), revealing that our classification techniques varied in accuracy, with some image category detectors (such as "fake word processor") providing deployable levels of accuracy and others generating misclassifications at an unacceptable rate.

In conclusion, by presenting what we believe to be compelling early results vis-a-vis both malware image set similarity and malware image classification, we hope to inspire the malware research community to both adopt image analysis in practice and further research into this un...
|Updated|1 year ago|
|Checked|4 months ago|
|Keywords|us lakhotia harnessing intelligence from malware repositories pdf|
us-15-Lakhotia-Harnessing-Intelligence-From-Malware-Repositories.pdf is a file in a portable multi-platform document format that may contain an ebook, report, manual or general purpose data. The download size as indicated by the server is 2.84MB (2981501 bytes). The host server on www.blackhat.com has returned application/pdf as the content type of the download, which was updated on 05/11/2018 and was last checked by Webeaver.com crawlers on 02/01/2019.