Hongbi Kim  Hyunseok Shin  Junho Hwang  Taejin Lee

10.5626/JOK.2019.46.11.1207

CNN (Convolutional Neural Network) Malware detection Static Analysis mutant malware

Malicious codes are becoming more intelligent due to the popularization of malware generation tools and obfuscation techniques, but existing malware detection techniques suffer from incomplete detection of malicious codes. Considering the facts that many newly emerging malicious codes are variants of existing malicious codes, and that they have binary data similar to those of the original malicious codes, a Dhash-based malware detection technique is presented here that classifies images based on the binary data in a file, along with a 10-gram algorithm that improves the long time taken by the analysis due to the full comparison of the Dhash algorithm. A comparison with the superior ssdep technique in variant malware detection shows that the Dhash algorithm can detect areas that ssdep does not detect, and the superiority of the proposed algorithm through the existing Dhash algorithm and the detection speed comparison experiment of the algorithms proposed in this paper. Future work will continue to develop variety of malware analysis technologies that are linked to other LSH-based detection techniques.