{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,6]],"date-time":"2025-10-06T17:49:34Z","timestamp":1759772974180,"version":"3.40.3"},"publisher-location":"Cham","reference-count":14,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031240485"},{"type":"electronic","value":"9783031240492"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2023,1,19]],"date-time":"2023-01-19T00:00:00Z","timestamp":1674086400000},"content-version":"vor","delay-in-days":383,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"abstract":"Abstract<\/jats:title>In previous work, \u201cgist descriptor\u201d features extracted from images have been used in malware classification problems and have shown promising results. In this research, we determine whether gist descriptors are robust with respect to malware obfuscation techniques, as compared to Convolutional Neural Networks (CNN) trained directly on malware images. Using the Python Image Library (PIL), we create images from malware executables and from malware that we obfuscate. We conduct experiments to compare classifying these images with a CNN as opposed to extracting the gist descriptor features from these images to use in classification. For the gist descriptors, we consider a variety of classification algorithms including k<\/jats:italic>-nearest neighbors, random forest, support vector machine, and multi-layer perceptron. We find that gist descriptors are more robust than CNNs, with respect to the obfuscation techniques that we consider.<\/jats:p>","DOI":"10.1007\/978-3-031-24049-2_1","type":"book-chapter","created":{"date-parts":[[2023,1,18]],"date-time":"2023-01-18T16:02:56Z","timestamp":1674057776000},"page":"3-21","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":8,"title":["Robustness of\u00a0Image-Based Malware Analysis"],"prefix":"10.1007","author":[{"given":"Katrina","family":"Tran","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Fabio","family":"Di Troia","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3803-8368","authenticated-orcid":false,"given":"Mark","family":"Stamp","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2023,1,19]]},"reference":[{"key":"1_CR1","volume-title":"Computer Viruses and Malware","author":"J Aycock","year":"2010","unstructured":"Aycock, J.: Computer Viruses and Malware, 1st edn. Springer Publishing Company, Incorporated, New York (2010)","edition":"1"},{"doi-asserted-by":"publisher","unstructured":"Chen, J.: A malware detection method based on RGB image. In: Proceedings of the 2020 6th International Conference on Computing and Artificial Intelligence, ICCAI 2020, pp. 283\u2013290. Association for Computing Machinery, New York (2020). https:\/\/doi.org\/10.1145\/3404555.3404622","key":"1_CR2","DOI":"10.1145\/3404555.3404622"},{"key":"1_CR3","doi-asserted-by":"publisher","first-page":"14510","DOI":"10.1109\/ACCESS.2018.2805301","volume":"6","author":"J Fu","year":"2018","unstructured":"Fu, J., Xue, J., Wang, Y., Liu, Z., Shan, C.: Malware visualization for fine-grained classification. IEEE Access 6, 14510\u201314523 (2018). https:\/\/doi.org\/10.1109\/ACCESS.2018.2805301","journal-title":"IEEE Access"},{"key":"1_CR4","doi-asserted-by":"publisher","first-page":"25","DOI":"10.52306\/04020321CRBH5596","volume":"4","author":"S Gero","year":"2021","unstructured":"Gero, S., Back, S., LaPrade, J., Kim, J.: Malware infections in the US during the COVID-19 pandemic: an empirical study. Int. J. Cybersecurity Intell. Cybercrime 4, 25\u201337 (2021)","journal-title":"Int. J. Cybersecurity Intell. Cybercrime"},{"key":"1_CR5","doi-asserted-by":"publisher","DOI":"10.1155\/2014\/132713","volume":"2014","author":"K Han","year":"2014","unstructured":"Han, K., Kang, B., Im, E.G.: Malware analysis using visualized image matrices. Sci. World J. 2014, 132713 (2014). https:\/\/doi.org\/10.1155\/2014\/132713","journal-title":"Sci. World J."},{"unstructured":"Lundh, F., Clark, A.: Concepts (2022). https:\/\/pillow.readthedocs.io\/en\/stable\/handbook\/concepts.html","key":"1_CR6"},{"unstructured":"Mbaabu, O.: Introduction to random forest in machine learning (2020). https:\/\/www.section.io\/engineering-education\/introduction-to-random-forest-in-machine-learning\/","key":"1_CR7"},{"issue":"1","key":"1_CR8","doi-asserted-by":"publisher","first-page":"15","DOI":"10.1007\/s10207-014-0248-7","volume":"14","author":"A Nappa","year":"2014","unstructured":"Nappa, A., Rafique, M.Z., Caballero, J.: The MALICIA dataset: identification and analysis of drive-by download operations. Int. J. Inf. Secur. 14(1), 15\u201333 (2014). https:\/\/doi.org\/10.1007\/s10207-014-0248-7","journal-title":"Int. J. Inf. Secur."},{"doi-asserted-by":"publisher","unstructured":"Nataraj, L., Karthikeyan, S., Jacob, G., Manjunath, B.S.: Malware images: visualization and automatic classification. In: Proceedings of the 8th International Symposium on Visualization for Cyber Security, VizSec 2011. Association for Computing Machinery, New York (2011). https:\/\/doi.org\/10.1145\/2016904.2016908","key":"1_CR9","DOI":"10.1145\/2016904.2016908"},{"doi-asserted-by":"crossref","unstructured":"Oliva, A., Torralba, A.: Modeling the shape of the scene: a holistic representation of the spatial envelope. Int. J. Comput. Vision 42, 145\u2013175 (2004). http:\/\/people.csail.mit.edu\/torralba\/code\/spatialenvelope\/","key":"1_CR10","DOI":"10.1023\/A:1011139631724"},{"key":"1_CR11","doi-asserted-by":"publisher","DOI":"10.1201\/9781003264873","volume-title":"Introduction to Machine Learning with Applications in Information Security","author":"M Stamp","year":"2022","unstructured":"Stamp, M.: Introduction to Machine Learning with Applications in Information Security, 2nd edn. Chapman & Hall\/CRC, Boca Raton (2022)","edition":"2"},{"doi-asserted-by":"publisher","unstructured":"Vasan, D., Alazab, M., Wassan, S., Naeem, H., Safaei, B., Zheng, Q.: IMCFN: image-based malware classification using fine-tuned convolutional neural network architecture. Comput. Netw. 171, 107138 (2020). https:\/\/doi.org\/10.1016\/j.comnet.2020.107138. https:\/\/www.sciencedirect.com\/science\/article\/pii\/S1389128619304736","key":"1_CR12","DOI":"10.1016\/j.comnet.2020.107138"},{"doi-asserted-by":"crossref","unstructured":"Yajamanam, S., Selvin, V.R.S., Troia, F.D., Stamp, M.: Deep learning versus gist descriptors for image-based malware classification. In: Mori, P., Furnell, S., Camp, O. (eds.) Proceedings of the 4th International Conference on Information Systems Security and Privacy, ICISSP 2018, pp. 553\u2013561. SciTePress (2018)","key":"1_CR13","DOI":"10.5220\/0006685805530561"},{"doi-asserted-by":"publisher","unstructured":"Yakura, H., Shinozaki, S., Nishimura, R., Oyama, Y., Sakuma, J.: Malware analysis of imaged binary samples by convolutional neural network with attention mechanism. In: Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy, CODASPY 2018, pp. 127\u2013134. Association for Computing Machinery, New York (2018). https:\/\/doi.org\/10.1145\/3176258.3176335","key":"1_CR14","DOI":"10.1145\/3176258.3176335"}],"container-title":["Communications in Computer and Information Science","Silicon Valley Cybersecurity Conference"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-24049-2_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,22]],"date-time":"2023-01-22T01:23:19Z","timestamp":1674350599000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-24049-2_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031240485","9783031240492"],"references-count":14,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-24049-2_1","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"19 January 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SVCC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Silicon Valley Cybersecurity Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17 August 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 August 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"svcc2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/svcc2022.svcsi.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"10","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"8","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"80% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"1","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}