Image-based malware classification: A space filling curve approach

Authors

Stephen O Shaughnessy, Technological University DublinFollow

Document Type

Conference Paper

Rights

Available under a Creative Commons Attribution Non-Commercial Share Alike 4.0 International Licence

Disciplines

Computer Sciences, Information Science

Publication Details

2019 IEEE Symposium on Visualization for Cyber Security (VizSec)

Abstract

Anti-virus (AV) software is effective at distinguishing between benign and malicious programs yet lack the ability to effectively classify malware into their respective family classes. AV vendors receive considerably large volumes of malicious programs daily and so classification is crucial to quickly identify variants of existing malware that would otherwise have to be manually examined. This paper proposes a novel method of visualizing and classifying malware using Space-Filling Curves (SFC's) in order to improve the limitations of AV tools. The classification models produced were evaluated on previously unseen samples and showed promising results, with precision, recall and accuracy scores of 82%, 80% and 83% respectively. Furthermore, a comparative assessment with previous research and current AV technologies revealed that the method presented her was robust, outperforming most commercial and open-source AV scanner software programs.

DOI

https://doi.org/10.1109/VizSec48167.2019.9161583

Recommended Citation

S. O’Shaughnessy, "Image-based Malware Classification: A Space Filling Curve Approach," 2019 IEEE Symposium on Visualization for Cyber Security (VizSec), 2019, pp. 1-10, doi: 10.1109/VizSec48167.2019.9161583.