Image representation and deep inception-attention for file-type and malware classification
File-type classification aims to recognize the file types of files/fragments without file-system metadata, which is essential for memory forensics and data recovery. In this paper, we introduce an image representation and deep inception-attention manner for file-type classification. Specifically, we...
| Main Authors: | , , , , |
|---|---|
| Other Authors: | |
| Format: | Conference Paper |
| Language: | English |
| Published: |
2024
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/174535 |
| _version_ | 1824457090126577664 |
|---|---|
| author | Wang, Yi Wu, Kejun Liu, Wenyang Yap, Kim-Hui Chau, Lap-Pui |
| author2 | School of Electrical and Electronic Engineering |
| author_facet | School of Electrical and Electronic Engineering Wang, Yi Wu, Kejun Liu, Wenyang Yap, Kim-Hui Chau, Lap-Pui |
| author_sort | Wang, Yi |
| collection | NTU |
| description | File-type classification aims to recognize the file types of files/fragments without file-system metadata, which is essential for memory forensics and data recovery. In this paper, we introduce an image representation and deep inception-attention manner for file-type classification. Specifically, we consider file-type classification as an image classification problem. Raw data sequences in the memory block are converted to 2D binary images, enriching the representation ability and visualization while retaining the completeness of the bitstream. With binary images as inputs, we propose a deep inception-attention network to extract discriminate horizontal features and re-calibrate the weights of feature maps, and finally, predict file types. Experiments on a large-scale benchmark show the superiority of the proposed model. Moreover, our method can be extended to a similar application, like malware classification, and achieve outstanding performance. |
| first_indexed | 2025-02-19T04:04:28Z |
| format | Conference Paper |
| id | ntu-10356/174535 |
| institution | Nanyang Technological University |
| language | English |
| last_indexed | 2025-02-19T04:04:28Z |
| publishDate | 2024 |
| record_format | dspace |
| spelling | ntu-10356/1745352024-04-05T15:40:31Z Image representation and deep inception-attention for file-type and malware classification Wang, Yi Wu, Kejun Liu, Wenyang Yap, Kim-Hui Chau, Lap-Pui School of Electrical and Electronic Engineering 2023 IEEE International Symposium on Circuits and Systems (ISCAS) Computer and Information Science Image representation Self-attention Memory forensics File-type classification Malware analysis File-type classification aims to recognize the file types of files/fragments without file-system metadata, which is essential for memory forensics and data recovery. In this paper, we introduce an image representation and deep inception-attention manner for file-type classification. Specifically, we consider file-type classification as an image classification problem. Raw data sequences in the memory block are converted to 2D binary images, enriching the representation ability and visualization while retaining the completeness of the bitstream. With binary images as inputs, we propose a deep inception-attention network to extract discriminate horizontal features and re-calibrate the weights of feature maps, and finally, predict file types. Experiments on a large-scale benchmark show the superiority of the proposed model. Moreover, our method can be extended to a similar application, like malware classification, and achieve outstanding performance. National Research Foundation (NRF) Submitted/Accepted version This research / project is supported by the National Research Foundation, Singapore, and Cyber Security Agency of Singapore under its National Cybersecurity R&D Programme (NRF2018NCR-NCR009-0001). 2024-04-03T00:48:42Z 2024-04-03T00:48:42Z 2023 Conference Paper Wang, Y., Wu, K., Liu, W., Yap, K. & Chau, L. (2023). Image representation and deep inception-attention for file-type and malware classification. 2023 IEEE International Symposium on Circuits and Systems (ISCAS). https://dx.doi.org/10.1109/ISCAS46773.2023.10181598 9781665451093 https://hdl.handle.net/10356/174535 10.1109/ISCAS46773.2023.10181598 2-s2.0-85167689577 en NRF2018NCRNCR009-0001 © 2023 IEEE. All rights reserved. This article may be downloaded for personal use only. Any other use requires prior permission of the copyright holder. The Version of Record is available online at http://doi.org/10.1109/ISCAS46773.2023.10181598. application/pdf |
| spellingShingle | Computer and Information Science Image representation Self-attention Memory forensics File-type classification Malware analysis Wang, Yi Wu, Kejun Liu, Wenyang Yap, Kim-Hui Chau, Lap-Pui Image representation and deep inception-attention for file-type and malware classification |
| title | Image representation and deep inception-attention for file-type and malware classification |
| title_full | Image representation and deep inception-attention for file-type and malware classification |
| title_fullStr | Image representation and deep inception-attention for file-type and malware classification |
| title_full_unstemmed | Image representation and deep inception-attention for file-type and malware classification |
| title_short | Image representation and deep inception-attention for file-type and malware classification |
| title_sort | image representation and deep inception attention for file type and malware classification |
| topic | Computer and Information Science Image representation Self-attention Memory forensics File-type classification Malware analysis |
| url | https://hdl.handle.net/10356/174535 |
| work_keys_str_mv | AT wangyi imagerepresentationanddeepinceptionattentionforfiletypeandmalwareclassification AT wukejun imagerepresentationanddeepinceptionattentionforfiletypeandmalwareclassification AT liuwenyang imagerepresentationanddeepinceptionattentionforfiletypeandmalwareclassification AT yapkimhui imagerepresentationanddeepinceptionattentionforfiletypeandmalwareclassification AT chaulappui imagerepresentationanddeepinceptionattentionforfiletypeandmalwareclassification |