IEEE Access (Jan 2019)

A New Learning Approach to Malware Classification Using Discriminative Feature Extraction

  • Ya-shu Liu,
  • Yu-Kun Lai,
  • Zhi-Hai Wang,
  • Han-Bing Yan

DOI
https://doi.org/10.1109/ACCESS.2019.2892500
Journal volume & issue
Vol. 7
pp. 13015 – 13023

Abstract

Read online

With the development of the Internet, malware has become one of the most significant threats. Recognizing specific types of malware is an important step toward effective removal. Malware visualization is an important branch of malware static analysis techniques, where a piece of malware is turned into an image for visualization and classification. Despite great success, it is still difficult to extract effective texture feature representations for challenging datasets. The existing methods use global image features which are sensitive to relative code locations. In this paper, we present a new learning framework to obtain more discriminative and robust feature descriptors. The proposed method works with the existing local descriptors such as local binary patterns and dense scale-invariant feature transform, by grouping them into blocks and by using a new bag-of-visual-words model to obtain robust features, which are more flexible than global features and more robust than local features. We evaluate the proposed method on three malware databases. The experimental results demonstrate that the obtained descriptors lead to the state-of-the-art classification performance.

Keywords