Microsoft and Intel are working together on a project to better detect malware by converting it into an image. The new project is called STAMINA, which stands for Static Malware as Image Network Analysis.
The new project is something we have never seen before and works like a charm. The researchers confirm that the new technique has attained an accuracy of 99.07%.
STAMINA is a new approach to detecting, finding and classifying malware easily.
How Does STAMINA Work?
Long story short, it first converts the file into a simple 2-dimensional image and then analyzes it.
First, it takes an input file and converts it into a binary form that contains raw pixel data. The team then takes this one-dimensional pixel stream and converts it into a two-dimensional photo. Only after the conversion to a 2D photo can the algorithm analyze it.
The technique here is that it converts the given malware sample into grayscale images and scans the images for any structural or textural patterns specific to the input file.
The image’s width depends on the pixel file size, and the table given below shows the pixel file size and the corresponding image width.
The height is always dynamic.
After this is done, the resulting normal-looking 2D image is resized to a smaller dimension. If the images are too large, analyzing them would take a lot of time and would negatively impact the classification results.
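The conversion steps described above, as an added sketch that is not code from the STAMINA project: it reshapes a byte stream into grayscale rows, picks the width from the file size, and shrinks the result to a small fixed size. The width thresholds, the zero padding of the last row, the nearest-neighbour resize and the 16x16 target are all assumptions made for illustration.

```python
# Added example: byte stream -> 2D grayscale image -> small fixed-size image.
# WIDTH_TABLE holds constructed placeholder values, not the project's real table.
WIDTH_TABLE = [          # (max file size in bytes, image width in pixels)
    (10 * 1024, 32),
    (100 * 1024, 128),
    (1024 * 1024, 512),
]
DEFAULT_WIDTH = 1024     # constructed: width used for anything larger


def pick_width(size):
    """Return the image width for a file of `size` bytes."""
    for max_size, width in WIDTH_TABLE:
        if size <= max_size:
            return width
    return DEFAULT_WIDTH


def bytes_to_image(data):
    """Reshape a 1D byte stream into rows of grayscale pixels (0-255).

    Width comes from the file size; height is whatever the data needs.
    The last row is zero-padded (an assumption of this sketch).
    """
    if not data:
        raise ValueError("empty input")
    width = pick_width(len(data))
    height = -(-len(data) // width)          # ceiling division
    padded = data + bytes(width * height - len(data))
    return [list(padded[r * width:(r + 1) * width]) for r in range(height)]


def resize_nearest(image, out_w, out_h):
    """Nearest-neighbour resize of a row-major image to out_w x out_h."""
    in_h, in_w = len(image), len(image[0])
    return [
        [image[y * in_h // out_h][x * in_w // out_w] for x in range(out_w)]
        for y in range(out_h)
    ]


def file_to_model_input(data, side=16):
    """Full pipeline: bytes -> 2D image -> side x side image."""
    return resize_nearest(bytes_to_image(data), side, side)


# Constructed sample: 5000 patterned bytes standing in for an executable file.
SAMPLE = bytes(i % 256 for i in range(5000))
```

Each byte maps to one pixel intensity, so repeated structures in a file show up as visible texture in the image, which is what the classifier is trained on.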
Initially, the Microsoft and Intel team provided about 2.2 million samples of infected portable executable file hashes. 60% of the known malware samples were used to train the DNN algorithm, 20% to validate the DNN, and the remaining 20% for testing purposes.
It turns out STAMINA managed to achieve an accuracy rate of 99.07% in detecting and categorizing the given malware samples, with a false-positive rate of 2.58%.