
OPLIN 4Cast #698: Can you spot the malware in this picture?


Sometimes when I’m searching online for something hard to pin down in words, I click over to the Image results. Images let me quickly scan for nuances of a concept, and from there, I can identify the sites that might offer exactly what I’m looking for.

I was reminded of this today reading about ‘STAMINA’—STAtic Malware-as-Image Network Analysis. Artificial intelligence applications are getting very good at learning from images, so Intel and Microsoft are exploring a way to convert binary computer code into grayscale pictures. Their A.I. can then scan the images for patterns, and in this way, identify malware with increased accuracy.

  • Microsoft, Intel Introduce ‘STAMINA’ Approach to Malware Detection [Security Week] “The approach is based on the inspection of malware binaries plotted as grayscale images, which has revealed that there are textural and structural similarities between binaries from the same malware families, and differences between different families or between malware and benign software.”
  • Microsoft and Intel project converts malware into images before analyzing it [ZDNet] “Microsoft says it provided a sample of 2.2 million infected Portable Executable file hashes to serve as a base for the research. The research team said STAMINA achieved an accuracy of 99.07% in identifying and classifying malware samples, with a false positives rate of 2.58%.”
  • Microsoft and Intel turn malware into images to help spot more threats [Engadget] “Most malware detection relies on extracting binary signatures or fingerprints, but the sheer number of signatures makes that impractical. This could help anti-malware tools effectively keep up and reduce the chances of security threats slipping past defenses.”
  • Microsoft and Intel Develop STAMINA to Detect and Classify Malware [WinBuzzer] “While it’s clearly early days, if success is ongoing STAMINA could one day be implemented across Microsoft’s business to help detect malware. Microsoft says its access to vast data from Windows Defender puts it in a good position to train the service.”
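
The byte-to-pixel idea described above, sketched in Python as an added example; it is not code from the original post, Intel, or Microsoft. The row width of 64, the distinct-values texture measure, and the constructed sample bytes are assumptions for illustration, not STAMINA's actual parameters.

```python
import hashlib

def bytes_to_grayscale(data, width=64):
    """One byte -> one pixel intensity (0-255), filled row by row; last row zero-padded."""
    rows = []
    for off in range(0, len(data), width):
        row = list(data[off:off + width])
        rows.append(row + [0] * (width - len(row)))
    return rows

def to_pgm(pixels):
    """Serialise the pixel grid as a binary PGM (P5) image for viewing."""
    header = f"P5\n{len(pixels[0])} {len(pixels)}\n255\n".encode()
    return header + bytes(v for row in pixels for v in row)

def distinct_per_row(pixels):
    """Crude texture measure (assumption): count of distinct intensities in each row."""
    return [len(set(row)) for row in pixels]

def build_sample():
    """Constructed 768-byte input: zero padding, a repeating 4-byte pattern, hash output."""
    padding = bytes(256)
    repetitive = bytes([0x55, 0x8B, 0xEC, 0x90]) * 64
    dense = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(8))
    return padding + repetitive + dense

if __name__ == "__main__":
    pixels = bytes_to_grayscale(build_sample())
    for i, n in enumerate(distinct_per_row(pixels)):
        print(f"row {i:2d}: {n:2d} distinct grey levels")
    with open("sample.pgm", "wb") as fh:
        fh.write(to_pgm(pixels))
```

Opened in an image viewer, `sample.pgm` shows three visibly different bands (flat black, regular stripes, noise), which is the kind of textural difference between regions of a file that an image classifier can learn from.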

From the Ohio Web Library: