Erick Galinkin

Netskope

What is the Shape of an Executable?

The empirical success of neural networks in fields such as natural language processing and computer vision has led researchers in many other fields, including information security, to try their hand at deep learning. However, the landmark results seen in some applications have not been repeated in information security, and models there have rarely been successful without significant feature engineering. Most convolutional neural networks are written to use rectangular filters, but the convolution operator is flexible, and its efficacy in signal processing is often contingent on the shape of the signal being processed and of the filter it is convolved with. We consider the impact of filter shape on detection accuracy and compare our non-rectangular convolutional model against two benchmark models. Notably, we look at the transfer learning potential of this technique and find that there is meaningful similarity in filter shapes among the three major operating systems, and show that transfer learning may be a fruitful avenue for future research.