ViPER: Vision-based Packing-Aware Encoder for Robust Malware Detection
Researchers have developed ViPER, a novel approach for malware detection that addresses the challenge of executable packing. ViPER utilizes a Vision Transformer (ViT) backbone adapted with LoRA, featuring a dual-head architecture to simultaneously classify malware and detect packing. A unique packing-aware gating mechanism allows for distinct predictions based on the inferred packing state, improving accuracy for both packed and unpacked binaries. The system achieved a balanced accuracy of 0.8521 and an ROC-AUC of 0.9260 on a dataset of 200,000 Windows PE byteplot images, outperforming existing state-of-the-art methods.
Impact: This research could lead to more robust malware detection systems, particularly against evasion techniques like packing.
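The summary above names two ideas: byteplot images and a packing-aware gate between two heads. The sketch below is an added illustration of both, not ViPER's code. The summary does not say how the gate combines the predictions, so the soft and hard forms, the function names, the image width and the logit values are all assumptions.

```python
import math

def byteplot(data: bytes, width: int = 16) -> list[list[int]]:
    """Render raw bytes as a grayscale image: one byte per pixel (0-255),
    rows of `width` pixels, final row zero-padded."""
    if width <= 0:
        raise ValueError("width must be positive")
    padded = data + b"\x00" * (-len(data) % width)
    return [list(padded[i:i + width]) for i in range(0, len(padded), width)]

def sigmoid(x: float) -> float:
    return 1.0 / (1.0 + math.exp(-x))

def gated_malware_score(pack_logit: float, mal_logit_packed: float,
                        mal_logit_unpacked: float, hard: bool = False):
    """Combine two malware predictions using the packing head's output.

    Assumed gate (not taken from the paper):
      soft: p_mal = p_packed * p_mal|packed + (1 - p_packed) * p_mal|unpacked
      hard: use only the branch selected by p_packed >= 0.5
    Returns (p_packed, p_mal).
    """
    p_packed = sigmoid(pack_logit)
    gate = (1.0 if p_packed >= 0.5 else 0.0) if hard else p_packed
    p_mal = (gate * sigmoid(mal_logit_packed)
             + (1.0 - gate) * sigmoid(mal_logit_unpacked))
    return p_packed, p_mal

if __name__ == "__main__":
    # Constructed sample: the first bytes of a DOS header, not a real binary.
    sample = b"MZ\x90\x00\x03"
    for row in byteplot(sample, width=4):
        print(row)

    # Constructed logits: the two branches disagree, so the packing
    # decision determines the verdict.
    for pack_logit in (4.0, 0.2, -4.0):
        p_packed, soft = gated_malware_score(pack_logit, 2.0, -2.0)
        _, hard = gated_malware_score(pack_logit, 2.0, -2.0, hard=True)
        print(f"p_packed={p_packed:.3f} soft={soft:.3f} hard={hard:.3f}")
```

With a near-ambiguous packing logit (0.2 here), the hard gate commits fully to one branch while the soft gate stays near the midpoint. When evaluating a detector of this shape, that ambiguous region is the one to check on borderline packed samples.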