Top

Published in:

2020 | OriginalPaper | Chapter

Classification of Grayscale Malware Images Using the K-Nearest Neighbor Algorithm

Authors : Ikram Ben Abdel Ouahab, Mohammed Bouhorma, Anouar Abdelhakim Boudhir, Lotfi El Aachak

Published in: Innovations in Smart Cities Applications Edition 3

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

The biggest problem with recovering from cyberattacks is that security professionals rarely get the chance to deal with them immediately. So, using advanced intelligent techniques, we can defense systems against malware the moment it begins to download. For that reason, a new type of feature has been recently introduced for malware classification task, borrowing techniques from computer vision community called malware visualization technique. Malware classification goal is to know how they work, and then we can rapidly defend them especially in the case of zero-days attacks. In this paper, we adopt KNN algorithm to classify malwares based on their image visualization. So, a malware binary is converted to grayscale image. Then to extract similarities and dis-similarities from these images a GIST descriptor is computed. We used a database of 9339 samples of malwares belonging to 25 families. Our malware classifier reached a high score of 97%, which is very close to the results found in literature.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter A Proposed Architecture Based on CNN for Feature Selection and Classification of Android Malwares

next chapter Improving Recommendations Using Traceability and Machine Learning

Cakir, B., Dogdu, E.: Malware classification using deep learning methods. In: Proceedings of the ACMSE 2018 Conference, pp. 10:1–10:5. ACM, New York (2018). https://doi.org/10.1145/3190645.3190692

Islam, R., et al.: Classification of malware based on integrated static and dynamic features. J. Netw. Comput. Appl. 36(2), 646–656 (2013). https://doi.org/10.1016/j.jnca.2012.10.004CrossRef

Jerlin, M.A., Marimuthu, K.: A new malware detection system using machine learning techniques for API call sequences. J. Appl. Secur. Res. 13(1), 45–62 (2018). https://doi.org/10.1080/19361610.2018.1387734CrossRef

Luo, J., Lo, D.C.: Malware image classification using machine learning with local binary pattern. In: 2017 IEEE International Conference on Big Data (Big Data), pp. 4664–4667 (2017). https://doi.org/10.1109/BigData.2017.8258512

Makandar, A., Patrot, A.: Malware analysis and classification using artificial neural network. In: 2015 International Conference on Trends in Automation, Communications and Computing Technology (I-TACT-15), pp. 1–6 (2015). https://doi.org/10.1109/ITACT.2015.7492653

Makandar, A., Patrot, A.: Malware class recognition using image processing techniques. In: 2017 International Conference on Data Management, Analytics and Innovation (ICDMAI), pp. 76–80 (2017). https://doi.org/10.1109/ICDMAI.2017.8073489

Makandar, A., Patrot, A.: Wavelet statistical feature based malware class recognition and classification using supervised learning classifier. Orient. J. Comput. Sci. Technol. 10(2), 400–406 (2017). https://doi.org/10.13005/ojcst/10.02.20CrossRef

Nataraj, L., et al.: Malware images: visualization and automatic classification. In: Proceedings of the 8th International Symposium on Visualization for Cyber Security - VizSec 2011, pp. 1–7. ACM, Pittsburgh (2011). https://doi.org/10.1145/2016904.2016908

Parsian, M.: Data Algorithms. O’Reilly, Boston (2015)

10.

Rieck, K., et al.: Learning and classification of malware behavior. In: Zamboni, D. (ed.) Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 108–125. Springer, Berlin (2008). https://doi.org/10.1007/978-3-540-70542-0_6

11.

Cisco 2018 Annual Cybersecurity Report

12.

Le rapport de sécurité 2018/2019 d’AV-TEST (2019)

Title: Classification of Grayscale Malware Images Using the K-Nearest Neighbor Algorithm
Authors: Ikram Ben Abdel Ouahab
Mohammed Bouhorma
Anouar Abdelhakim Boudhir
Lotfi El Aachak
Publisher: Springer International Publishing
Book: Innovations in Smart Cities Applications Edition 3
Print ISBN: 978-3-030-37628-4

Electronic ISBN: 978-3-030-37629-1

Copyright Year: 2020
DOI: https://doi.org/10.1007/978-3-030-37629-1_75

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner