부산대학교 도서관

This work introduces a highly accurate and efficient malware detection system based on 1-dimensional convolutional neural networks. The system takes as input a binary file and classifies it as malicious or benign. There is minimal pre-processing of the binaries, with features discovery left to the network during training. A crucial difference with other convolutional neural networks (CNN) based approaches is the use of 1-dimensional convolutions; this methodological choice is shown to have significant positive consequences for the detector. In order to compare the detector with state-of-the-art techniques a TF-IDF based benchmark malware detector is also implemented: experiments show an improved accuracy of the proposed CNN detector while maintaining similar training times. The system is also compared, on a publicly available dataset of 11130 binaries, with an existing embedding based CNN detector. The proposed system outperforms, both in accuracy and training time the embedding based CNN.