You’re familiar with the phrase, “A picture is worth 1,000 words.” Well, Microsoft and Intel are applying this philosophy to malware detection—using deep learning and a neural network to turn malware into images for analysis at scale. Project STAMINA—an acronym for STAtic Malware-as-Image Network Analysis—converts malware samples into two-dimensional grayscale images that can be analyzed based on their unique criteria.
Researchers from the two companies have worked together to develop this interesting approach to malware detection. STAMINA uses deep learning—a type of machine learning designed to create an intelligent system capable of learning on its own from unstructured and unlabeled input data.
Microsoft provided more than two million infected samples for the project to work with. 60 percent of the samples were used to train the deep neural network (DNN) algorithm, 20 percent were used to validate the DNN, and the remaining 20 percent were used to test the efficacy of Project STAMINA. The team achieved 99.07 percent accuracy in detecting and classifying malware samples, with a false positive rate of just 2.58 percent.
The results are solid so far, but there is a lot of work to do still, and there are also some potential pitfalls to watch out for.
Advantages of Project STAMINA and Deep Learning
Deep learning approaches (such as STAMINA) allow malware analysis practitioners to analyze a steady stream of data or samples without manual extraction of features and manual tuning. Ravi Sahita, Senior Principal Engineer and Research Manager at Intel, explained “Typically, deep neural networks are complex to tune. Here, using battle-tested neural network architectures like Inception (for tasks like image classification) allow us to use transfer learning which reduces the burden of training a deep neural network from scratch.”
When it comes to classifying malware, the amount of data available is massive, which lends itself to deep learning techniques. It’s crucial to have human experts in the loop to verify the accuracy and outcomes from the malware classification deep learning models as well, though. The use of deep learning technologies provide broader insights and enable malware classification to match the speed and scale of malware that can be generated using automated techniques, helping human security experts to filter out the noise and focus on the threats that pose the greatest risk.
Caveats for Identifying Malware with Project STAMINA
As awesome as machine learning and deep neural networks can be, there are some challenges and caveats to this type of system as well. Sahita noted that depending on the neural network architecture used, the cost of training and inference can be higher than traditional, lighter weight malware detection techniques. This cost is offset by the speed of analyzing large amounts of malware data that have been catalogued and over-time accrued benefits. Also, the costs can be sufficiently addressed by CPU ISA extensions, GPUs and ML accelerators.
The lack of explainability—the extent that a machine learning or deep learning system can be explained in a way that humans understand—is an issue with deep learning as well. As the system learns and evolves, it may not be apparent how or why it makes the decisions that it does. Even if the results are accurate, the lack of ability for human experts to understand, appropriately trust, and effectively manage the system may be adversely affected if the underlying model cannot be explained. Approaches such as LIME (Local Interpretable Model-agnostic Explanations) can be applied to STAMINA just as they have been applied to other image-based classification problems.
STAMINA also can’t “see” aspects of the malware which may only be exposed during execution, such as decryption of payloads in memory or undesirable activity like ransomware. To address this, Intel has been working on forward-looking research on adversarial-resilient approaches, as well as extracting telemetry from execution patterns as well as CPU telemetry. These additional information streams can be coupled with deep learning techniques to address the blind-spots that a deep-learning model may have for better malware classification.
Intel developed the MLsploit open source project in partnership with Georgia Tech to provide a framework for interactive experimentation with adversarial machine learning research and enable security practitioners to evaluate and compare state-of-the-art adversarial attacks and defenses for machine learning models.
Stages of STAMINA
There are three essential steps or stages of STAMINA: preprocessing, transfer learning, and evaluation.
Preprocessing takes care of image conversion. It directly converts the raw binary into its associated two-dimensional image.
Transfer learning is then performed on the resulting malware images as well as benign images. STAMINA transfer learning analysis was done using a Microsoft dataset of 2.2 million hashes of malware binaries. Using transfer learning enables STAMINA to accelerate training time and maintain high classification performance for the neural network.
The final step of STAMINA is evaluation. Evaluation considers accuracy, precision, recall, false positive rate, and other factors to produce a final result that achieved 99.07% accuracy with only a 2.58% false positive rate.
It is still in the semi early stages of development but results for Project STAMINA are promising so far. It is accurate and fast with smaller files, but researchers noted that it struggles against larger files (this is not a fundamental limit, but issues due to tool limitations). Once refined, though, Project STAMINA could be used as part of operating systems and anti-malware tools to proactively detect malware attacks.