Suspicious code is converted into images and these are then compared with previously known examples of malicious code.
Microsoft, in collaboration with Intel, has developed a new method of detecting malicious code called Static Malware-as-Image Network Analysis (Stamina).
In short, the method involves converting suspicious code into images and then comparing them with previously known examples of malicious code. Because the images are relatively small, they can be analyzed quickly, which is done with machine learning.
The basis for the analysis is 2.2 million examples of malicious files collected by the Windows Defender antivirus software.
According to Microsoft, 99.07 percent of the malicious code can be identified using Stamina, which means that the method is useful already at the present time.