Combining deep learning and virtualization technologies to defend against banking malware

2021 Fiscal Year Final Research Report

• Project/Area Number: 20K21788
• Research Category: Grant-in-Aid for Challenging Research (Exploratory)
• Allocation Type: Multi-year Fund
• Review Section: Medium-sized Section 60:Information science, computer engineering, and related fields
• Research Institution: The University of Tokyo
• Principal Investigator: Shinagawa Takahiro 東京大学, 情報基盤センター, 准教授 (40361745)
• Project Period (FY): 2020-07-30 – 2022-03-31
• Keywords: 仮想化技術 / セキュリティ / 深層学習

Outline of Final Research Achievements

In this study, we conducted research on countermeasures against banking malware by integrating deep learning and virtualization technologies. We studied a method that can classify variants with high accuracy by deep learning, taking advantage of the fact that banking malware has many variants. We also studied a technique that can generate and detect malware images from binary-level data that can be obtained by virtualization technology, with the aim of integrating deep learning technique with virtualization technology. We explored various models and parameter combinations for deep learning, including the use of labels for confidentiality measures, and found that the latest models provide high classification accuracy with a low degree of transition learning.

Free Research Field

オペレーティングシステム

Academic Significance and Societal Importance of the Research Achievements

近年は非常に多数のマルウェアが登場しており、実際に様々なセキュリティ上の被害が継続的に発生し続けているのが現状である。本研究では、最新の深層学習技術と仮想化技術を融合することで、高い精度でマルウェアを検知することができて、かつマルウェアが回避できないシステムの構築に向けた基礎研究を実施した。この技術を発展させることにより、将来的にマルウェアによる被害を大幅に低減できるシステムが実用化されることが見込まれる。