Details
| Publication type: | Conference paper |
|---|---|
| Conference: | ITASEC 2021: Italian Conference on Cybersecurity |
| Location: | Virtual |
| Online publication date: | 2021-08-09 |
Abstract
In recent years, steganographic techniques have become increasingly exploited by malware to avoid detection and remain unnoticed for long periods. Among the various approaches observed in real attacks, a popular one exploits embedding malicious information within innocent-looking pictures. In this paper, we present a machine learning technique for sanitizing images containing malicious data injected via the Invoke-PSImage method. Specifically, we propose to use a deep neural network realized through a residual convolutional autoencoder to disrupt the malicious information hidden within an image without altering its visual quality. The experimental evaluation proves the effectiveness of our approach on a dataset of images injected with PowerShell scripts. Our tool removes the injected artifacts and inhibits the reconstruction of the scripts, partially recovering the initial image quality.
Authors
- Marco Zuppelli
  National Research Council of Italy
  Genoa, Italy
- Giuseppe Manco
  National Research Council of Italy
  Genoa, Italy
- Luca Caviglione
  National Research Council of Italy
  Genoa, Italy
- Massimo Guarascio
  National Research Council of Italy
  Genoa, Italy