Integration of Ether Unpacker into Ragpicker for plugin-based Malware Analysis and Identification
Malware is a pervasive problem in both personal computing devices and
distributed computing systems. Identification of malware variants and their
families offers a great benefit in early detection, resulting in a reduction of
the analysis time needed. In order to classify malware, most of the current
approaches are based on the analysis of the unpacked and unencrypted binaries.
However, most of the unpacking solutions in the literature have a low unpacking
rate. This results in a low contribution towards the identification of
transferred code and re-used code. To develop a new malware analysis solution
based on clusters of binary code sections, it is required to focus on
increasing the unpacking rate of malware samples to extend the underlying
code database. In this paper, we present a new approach to analysing malware by
integrating Ether Unpacker into the plugin-based malware analysis tool,
Ragpicker. We also evaluate our approach against real-world malware patterns.
Deep learning at the shallow end: Malware classification for non-domain experts
Current malware detection and classification approaches generally rely on
time-consuming and knowledge-intensive processes to extract patterns
(signatures) and behaviours from malware, which are then used for
identification. Moreover, these signatures are often limited to local,
contiguous sequences within the data whilst ignoring their context in relation
to each other and throughout the malware file as a whole. We present a Deep
Learning based malware classification approach that requires no expert domain
knowledge and is based on a purely data-driven approach for complex pattern and
feature identification.