Skip to main content

Microsoft and Intel are turning malware into images

(Image credit: Photo Credit: andriano.cz/Shutterstock)

Technology giants Microsoft and Intel have announced their collaboration on a new deep learning (DL)-based technique for identifying malware through the analysis of images.

Static Malware Image Analysis (STAMINA) converts programs into greyscale images and performs analysis to determine whether the code is malicious or not.

The two companies taught the STAMINA system to identify threats using 2.2 million infected PE (Portable Executable) file hashes.

According to an Intel press release, STAMINA reportedly has a success rate of 99.07 per cent, with a false positive rate of 2.58 per cent.

However, the technique only works reliably with smaller files. The larger the file, the greater the volume of pixels, which requires enhanced compression capabilities that are outside STAMINA's consistent range.

"For bigger size applications, STAMINA becomes less effective due to limitations in converting billions of pixels into JPEG images and then resizing them," Microsoft explained in a blog post.

This doesn't mean the pair have dismissed image analysis as a viable method of threat detection - far from it.

"The results certainly encourage the use of deep transfer learning for the purpose of malware classification," said Microsoft researchers Jugal Parikh and Marc Marino.