Home » Publication » 24174

Dettaglio pubblicazione

2021, 2021 International Conference on Electrical, Computer, Communications and Mechatronics Engineering (ICECCME), Pages 01-06

Static analysis of PE files using neural network techniques for a pocket tool (04b Atto di convegno in volume)

Fonseca A F. H., Ferracci S., Palmaro F., Iocchi L., Nardi D., Franchina L.

The continuous growth in the number of malware instances has posed a serious challenge to the security of computer systems; hence, malware detection is a key factor in securing various devices, from personal devices to large servers. Static analysis allows for the extraction of multiple file characteristics belonging to different categories of information without incurring the overhead of dynamic analysis and the risks associated with it. In this paper, we present a methodology to classify Portable Executable (PE) files as malware or non-malware by exploiting the technology of neural networks, adapting it to the collected data to obtain better results. The aim of our methodology is to create a pocket tool, i.e., a tool that can be used even on devices with limited available resources. Hence our tests were conducted entirely using a personal computer with only 16GB of RAM. After a careful analysis of the techniques at our disposal and a selection of the most relevant information, we reduced the amount of resources used, both in terms of time and space, while maintaining a high accuracy of 93%.
ISBN: 978-1-6654-1262-9
© Università degli Studi di Roma "La Sapienza" - Piazzale Aldo Moro 5, 00185 Roma