Malware Detection by Eating a Whole EXE
About
In this work we introduce malware detection from raw byte sequences as a fruitful research area to the larger machine learning community. Building a neural network for such a problem presents a number of interesting challenges that have not occurred in tasks such as image processing or NLP. In particular, we note that detection from raw bytes presents a sequence problem with over two million time steps and a problem where batch normalization appears to hinder the learning process. We present our initial work in building a solution to tackle this problem, which has linear complexity dependence on the sequence length, and allows for interpretable sub-regions of the binary to be identified. In doing so we will discuss the many challenges in building a neural network to process data at this scale, and the methods we used to work around them.
Related benchmarks
| Task | Dataset | Metric | Result | Rank |
|---|---|---|---|---|
| Malware Detection | Malware Detection dataset | Latency (s) | 0.0021 | 21 |
| Malware Detection | Sleipnir2 (test) | Accuracy (Clean) | 98.9 | 7 |
| Malware Detection | BODMAS (September 2019 to September 2020) | Accuracy (09/2019) | 92.39 | 7 |
| Malware Detection | VTFeed (test) | Clean Accuracy | 98.9 | 3 |