Data augmentation based malware detection using convolutional neural networks

Due to advancements in malware competencies, cyber-attacks have been broadly observed the digital world. Cyber-attacks can hit an organization hard by causing several damages such as data breach, financial loss, and reputation loss. Some of most prominent examples ransomware attacks history are WannaCry Petya, which impacted companies’ finances throughout globe. Both Petya caused operational processes inoperable targeting critical infrastructure. It is quite impossible for anti-virus applications using traditional signature-based methods detect this type because they different characteristics on each contaminated computer. The important feature that change their contents mutation engines create another hash representation executable file propagate from one computer another. To overcome method attackers use camouflage malware, we created three-channel image files malicious software. Attackers make variants same software modify malware. In solution problem, images applying augmentation methods. This article aims provide enhanced deep convolutional neural network (CNN) models detecting families a metamorphic environment. main contributions consist three components, including generation samples, augmentation, last classifying CNN model. first component, collected samples converted into binary 3-channel windowing technique. second component system augmented version images, part builds classification study uses five model family detection. results obtained classifier demonstrate accuracy up 98%, satisfactory.