A Hierarchical Framework to Detect Targeted Attacks using Deep Neural Network

2018 
Malware is a serious threat to corporations, individuals and nation states, as adversaries leverage it to gain unauthorized access to secret and critical information. Today, malware detection at large scale is challenging due to the increase in the number and variety of malware. One approach to address this issue is using statistical analysis and machine learning. Threat research can be for organizations or individuals. Threat research for organizations is a manual and cumbersome process to find the source of the malware, the family it belongs to and the target of the malicious code. In this paper, we propose a hierarchical framework that accelerates the detection and classification of malware based on the priorities of an organization. We also propose the first deep neural network that can differentiate between a targeted malware sample (i.e. cyber-espionage) and a non-targeted malware sample (i.e. cyber-crime). This model has been tested and verified using a balanced data set of both types of files. It achieved a detection rate of 97% with a false negative rate of 2.8%.