malconv-model-base logo

intel/malconv-model-base

Verified Publisher

By Intel Corporation

Updated almost 2 years ago

This is an image containing Intel optimized Malconv model file only.

Image
Data Science
Machine Learning & AI
Security
0

2.9K

Intel Optimized Malconv Model

This docker images contains a Intel optimized Malconv model trained using Keras API in H5 format. Malconv is a convolutional neural network for malicious PE detection, described in the original paper as "Malware detection by eating a whole exe.". The first open-sourced Malconv implementation is originally release by Ember.

For better inference speed using Intel® Advanced Matrix Extensions (Intel® AMX) on the 4th Gen Intel® Xeon® Scalable Processor platform (codename Sapphire Rapids), some of the hyperparameters are tuned with the topology of the network unchanged.

Training set used

Hyperparameter

  • input size: 1MB
  • embedding_size: 4
  • batch_size: 128
  • filters: 32
  • kernel_size: 2500
  • stride: 600

Reference

Raff, Edward, et al. "Malware detection by eating a whole exe." arXiv preprint arXiv:1710.09435 (2017).
H. Anderson and P. Roth, "EMBER: An Open Dataset for Training Static PE Malware Machine Learning Models”, in ArXiv e-prints. Apr. 2018.

@ARTICLE{2018arXiv180404637A,
  author = {{Anderson}, H.~S. and {Roth}, P.},
  title = "{EMBER: An Open Dataset for Training Static PE Malware Machine Learning Models}",
  journal = {ArXiv e-prints},
  archivePrefix = "arXiv",
  eprint = {1804.04637},
  primaryClass = "cs.CR",
  keywords = {Computer Science - Cryptography and Security},
  year = 2018,
  month = apr,
  adsurl = {http://adsabs.harvard.edu/abs/2018arXiv180404637A},
}
@misc{harang2020sorel20m,
      title={SOREL-20M: A Large Scale Benchmark Dataset for Malicious PE Detection}, 
      author={Richard Harang and Ethan M. Rudd},
      year={2020},
      eprint={2012.07634},
      archivePrefix={arXiv},
      primaryClass={cs.CR}
}

Docker Pull Command

docker pull intel/malconv-model-base