Malware Rules - cornerstone of modern security solutions, also as researcher's nightmare. Although it has the characteristics of low false positives and high accuracy, but requires analysts to spend time WEARYGNG GLASSES to find unique strings in binary as pattern to write for detection. Such as it consumes expert time and has become a major pain point for the current security industry. Therefore, whether artificial intelligence can be introduced to solve the problem of writing patterns on large-scale malware has become a consensus issue that the industry is looking forward to, and has also become a hot academic topic of cybersecurity.

In this session, we will start with two innovative studies conducted by AAAAI based on NVIDIA's top-level seminar on how to slice malware binary into semantic sub-patterns from the perspective of Ngram, and extract those high-entropy and developer-specific strings as rules to be effectively detected by a convolutional vision strategy. with a detection rate of 98% in a double-blind test of 800,000 samples, as excellent semantic detection performance. At the end of the session, we summarised the advantages, disadvantages and limitations of this method in products to help the audience to have a strong interest and understanding of this kind of detection technology.