DeepReflect: Discovering Malicious Functionality through Binary Reconstruction

Evan Downing, Yisroel Mirsky, Kyuhong Park, Wenke Lee

USENIX Security Symposium, 2021

Deep learning has continued to show promising results for malware classification. However, to identify key malicious behaviors, malware analysts are still tasked with reverse engineering unknown malware binaries using static analysis tools, which can take hours. Although machine learning can be used to help identify important parts of a binary, supervised approaches are impractical due to the expense of acquiring a sufficiently large labeled dataset.