Malware Detection by Eating a Whole EXE
Edward Raff, Jon Barker, Jared Sylvester, Robert Brandon, Bryan Catanzaro, Charles Nicholas
Code Available
- github.com/jaketae/pytorch-malware-detection (pytorch, ★ 81)
- github.com/dtrizna/quo.vadis (pytorch, ★ 41)
- github.com/Abdullah-B/Best-Effort-Adversarial-Approximation-of-Black-Box-Malware-Classifiers (tf, ★ 0)
- github.com/jaketae/deep-malware-detection (pytorch, ★ 0)
- github.com/iBibek/MalConv-Deep-learning-for-PE-malware-classification (none, ★ 0)
- github.com/pralab/toucanstrike (none, ★ 0)
- github.com/endgameinc/malware_evasion_competition (pytorch, ★ 0)
Abstract
In this work we introduce malware detection from raw byte sequences as a fruitful research area to the larger machine learning community. Building a neural network for such a problem presents a number of interesting challenges that have not occurred in tasks such as image processing or NLP. In particular, we note that detection from raw bytes presents a sequence problem with over two million time steps and a problem where batch normalization appears to hinder the learning process. We present our initial work in building a solution to tackle this problem, which has linear complexity dependence on the sequence length, and allows for interpretable sub-regions of the binary to be identified. In doing so we will discuss the many challenges in building a neural network to process data at this scale, and the methods we used to work around them.