2022/9/28

Trustsign: trusted malware signature generation in private clouds using deep feature transfer learning

Daniel Nahmias, Aviad Cohen, Nir Nissim, Yuval Elovici

2019 International Joint Conference on Neural Networks (IJCNN), 1-8, 2019

This paper presents TrustSign, a novel, trusted automatic malware signature generation method based on high-level deep features transferred from a VGG-19 neural network model pre-trained on the ImageNet dataset. While traditional automatic malware signature generation techniques rely on static or dynamic analysis of the malware’s executable, our method overcomes the limitations associated with these techniques by producing signatures based on the presence of the malicious process in the volatile memory. Signatures generated using TrustSign well represent the real malware behavior during runtime. By leveraging the cloud’s virtualization technology, TrustSign analyzes the malicious process in a trusted manner, since the malware is unaware and cannot interfere with the inspection procedure. Additionally, by removing the dependency on the malware’s executable, our method is capable of signing …