Binary visualisation for malware detection

Baptista, I.

dc.contributor.author	Baptista, I.
dc.date.accessioned	2019-05-21T16:11:35Z
dc.date.available	2019-05-21T16:11:35Z
dc.date.issued	2018
dc.identifier.citation	Baptista, I. (2018) 'Binary visualisation for malware detection', The Plymouth Student Scientist, 11(1), p. 223-237.	en_US
dc.identifier.issn	1754-2383
dc.identifier.uri	http://hdl.handle.net/10026.1/14179
dc.description.abstract	It is becoming increasingly harder to protect devices against security threats; as malware is steadily evolving defence mechanisms are struggling to persevere. This study introduces a concept intended at supporting security systems using Self-Organizing Incremental Neural Network (SOINN) and binary visualization. The system converts a file to its visual representation and sends the data for classification to SOINN. Tests were done to evaluate its performance and obtain an accuracy rate, which rounds the 80% figures at the moment, and false positive and negative rates. Bytes prevalence were also analysed with malware samples having a higher amount of null bytes compared with software samples, which may be a result of hiding malicious data or functionality. The patterns created by the samples were examined; malware samples had more clustering and created different patterns across the images whereas software samples presented mostly static and constant images although exceptions were noted in both categories.	en_US
dc.language.iso	en	en_US
dc.publisher	University of Plymouth
dc.rights	Attribution 3.0 United States	*
dc.rights.uri	http://creativecommons.org/licenses/by/3.0/us/	*
dc.subject	security threats	en_US
dc.subject	electronic devices	en_US
dc.subject	malware	en_US
dc.subject	Organizing Incremental Neural Network	en_US
dc.subject	binary visualisation	en_US
dc.subject	malicious data	en_US
dc.title	Binary visualisation for malware detection	en_US
dc.type	Article
plymouth.issue	1
plymouth.volume	11
plymouth.journal	The Plymouth Student Scientist