Dr. Hongmei Zhang is currently a professor at Guilin University of Electronic Technology. She received a doctorate degree from East China University of Science and Technology in 2008. She was a visiting scholar at Cheng Kung University, T.W., during 2010 and at Heriot-Watt University, U.K., from 2014 to 2015. Her research areas include information system security, machine learning and embedded systems. She has authored and co-authored more than 50 scientific papers and conference presentations. She is serving as an assistant editor for IEEE Access and once hosted the 8th International Conference on Communication and Network in China (Chinacom2013). She has also served as assistant editor for Wireless Communication and Mobile Computing, co-chair of the IEEE INFOCOM 2011 Workshop on Cognitive & Cooperative Networks, and session chair of the IEEE 20th International Conference on Communication Technology (ICCT 2020) and the 10th International Conference on Internet Computing for Science and Engineering (ICICSE 2021).
Speech Title: Malware classification based on GAF visualization of dynamic API call sequence
Due to the constant updates of malware and its variants and the continuous development of malware obfuscation techniques, malware intrusions targeting Windows hosts are on the rise. Traditional static analysis methods such as signature matching have difficulty adapting to the detection of new malware. Therefore, this paper proposes a novel visual detection method for malware. For the first time, we propose a method that converts the Windows API call sequence, which is sequential in nature, into feature images based on the Gramian Angular Field (GAF) idea, and trains a neural network to identify malware. The experimental results demonstrate the effectiveness of our proposed method. For the binary classification of malware, the GAF visualization image of the API call sequence is compared with its original sequence. After GAF visualization, the classification accuracy of the classic machine learning model MLP is improved by 9.64%, and the classification accuracy of the deep learning model CNN is improved by 4.82%. Furthermore, our experiments show that the proposed method is also feasible and effective for the multi-class classification of malware.
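To make the GAF step concrete, the following added example (not code from the talk or the paper) turns a constructed API call trace into a grayscale feature image using the standard Gramian Angular Field definitions. The integer encoding of API names by first appearance, the fixed image size, and the 8-bit pixel mapping are assumptions; the abstract does not state which encoding or GAF variant (summation or difference) the authors use.

```python
import math

# Constructed sample trace: API names as a sandbox might log them for one process.
SAMPLE_TRACE = ["NtCreateFile", "NtWriteFile", "NtClose", "RegOpenKeyExW",
                "RegSetValueExW", "NtCreateFile", "NtWriteFile", "NtClose"]

def encode_calls(trace, vocab=None):
    """Map API names to integer IDs (assumed encoding: order of first appearance)."""
    vocab = {} if vocab is None else vocab
    return [vocab.setdefault(name, len(vocab)) for name in trace], vocab

def rescale(series):
    """Min-max scale to [-1, 1] so every value is a valid cosine."""
    lo, hi = min(series), max(series)
    if hi == lo:  # constant trace: avoid division by zero
        return [0.0] * len(series)
    return [2.0 * (v - lo) / (hi - lo) - 1.0 for v in series]

def gaf(series, kind="summation"):
    """GASF[i][j] = cos(phi_i + phi_j); GADF[i][j] = sin(phi_i - phi_j)."""
    phi = [math.acos(max(-1.0, min(1.0, x))) for x in rescale(series)]
    if kind == "summation":
        return [[math.cos(a + b) for b in phi] for a in phi]
    if kind == "difference":
        return [[math.sin(a - b) for b in phi] for a in phi]
    raise ValueError("kind must be 'summation' or 'difference'")

def to_pixels(field):
    """Map field values in [-1, 1] to 8-bit grayscale, ready for a CNN input."""
    return [[round((v + 1.0) * 127.5) for v in row] for row in field]

def trace_to_image(trace, length=8, kind="summation"):
    """Pad or truncate to a fixed length so every trace gives a length x length image."""
    ids, _ = encode_calls(trace)
    ids = (ids + [ids[-1]] * length)[:length] if ids else [0] * length
    return to_pixels(gaf(ids, kind))

if __name__ == "__main__":
    for row in trace_to_image(SAMPLE_TRACE):
        print(" ".join(f"{p:3d}" for p in row))
```

Because each pixel combines two time steps, repeated call patterns (here the create/write/close triple at positions 0-2 and 5-7) show up as identical rows and columns, which is the temporal structure an image classifier can learn from.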