
Classification and detection of metamorphic malware using value set analysis

Felix Leder, Bastian Steinbock, Peter Martini
2009 2009 4th International Conference on Malicious and Unwanted Software (MALWARE)  
This includes the use of flags and constants that have to be consistent at specific points. We present a novel approach that allows us to detect metamorphic variants.  ...  Based on this detection, it is also possible to classify new samples to a metamorphic family. Our approach identifies variants by tracking the use of consistent values throughout the malware.  ...  Acknowledgements The authors would like to thank the anonymous reviewers of this paper for discussions and comments. We are also thankful for the people who supported us and gave valuable suggestions.  ... 
doi:10.1109/malware.2009.5403019 dblp:conf/malware/LederSM09 fatcat:2slzikex3vgo7oznu24qundtde

Metamorphic Malware Detection Based on Support Vector Machine Classification of Malware Sub-Signatures

Ban Mohammed Khammas, Alireza Monemi, Ismahani Ismail, Sulaiman Mohd Nor, M.N. Marsono
2016 TELKOMNIKA (Telecommunication Computing Electronics and Control)  
Achieving accurate and efficient metamorphic malware detection remains a challenge.  ...  However, some vital functionalities and code segments remain unchanged between mutations. We exploit these unchanged features by means of classification using Support Vector Machine (SVM).  ...  Acknowledgment The first author would like to thank the Ministry of Higher Education and Scientific Research, Iraq for providing Doctoral scholarship for her study.  ... 
doi:10.12928/telkomnika.v14i3.3850 fatcat:z4ryzzozv5e2jhe3ka7kupesei

Current Trends and the Future of Metamorphic Malware Detection

Shahid Alam, Issa Traore, Ibrahim Sogukpinar
2014 Proceedings of the 7th International Conference on Security of Information and Networks - SIN '14  
This paper analyzes the current trends, provides future directions and reasons about some of the basic characteristics of a system for providing real-time detection of metamorphic malware.  ...  The paper not only serves as a collection of recent references and information for easy comparison and analysis, but also as a motivation for improving the current and developing new techniques for metamorphic  ...  The technique described in [25] uses value set analysis (VSA) to detect metamorphic malware.  ... 
doi:10.1145/2659651.2659670 dblp:conf/sin/AlamTS14 fatcat:mw2d7csdunc2pfnupixkghszfa

Detection of Metamorphic Malware based on HMM: A Hierarchical Approach

Mina Gharacheh, Vali Derhami, Sattar Hashemi, Seyed Mehdi Hazrati Fard
2016 International Journal of Intelligent Systems and Applications  
Malware contain various sequences of opcodes some of which are more important and help detect the malware and the rest cause interference.  ...  In comparison to previous methods, the results demonstrate that the proposed method is more accurate in metamorphic malware detection and shows higher speed at classification.  ...  The classification threshold is a value using which the files in the test set are classified as benign or malware.  ... 
doi:10.5815/ijisa.2016.04.02 fatcat:ghvrqj5pcfeulka6ktp5y7bqo4

Detecting and Classifying Morphed Malwares: A Survey

Sanjam Singla, Ekta Gandotra, Divya Bansal, Sanjeev Sofat
2015 International Journal of Computer Applications  
These obscure methods cannot completely impede analysis, but it prolongs the process of analysis and detection.  ...  This paper presents a review on malware detection systems and the progress made in detecting advanced malwares which will serve as a reference to researchers interested in working on advance malware detection  ...  Minkowski-form distance was used to find out the similarity between two histograms. Martini et al. [50] used VSA (Value Set Analysis) for detecting metamorphic malware.  ... 
doi:10.5120/21738-4937 fatcat:ryuz3x62jncflnjppysikvyafa

Nonnegative matrix factorization and metamorphic malware detection

Yeong Tyng Ling, Nor Fazlida Mohd Sani, Mohd Taufik Abdullah, Nor Asilah Wati Abdul Hamid
2019 Journal in Computer Virology and Hacking Techniques  
In this paper, through static analysis, we use similarity score from matrix factorization technique called Nonnegative Matrix Factorization for detecting challenging metamorphic malware.  ...  This causes change of their signature pattern across each infection and makes signature based detection particularly difficult.  ...  Stamp Mark of SJSU, California for sharing the Linux metamorphic malware dataset used in this study.  ... 
doi:10.1007/s11416-019-00331-0 fatcat:ivkegebqrngargeengnfx7hnki

Compression-based analysis of metamorphic malware

Jared Lee, Thomas H. Austin, Mark Stamp
2015 International Journal of Security and Networks (IJSN)  
Compression-based Analysis of Metamorphic Malware by Jared Lee Recent work has presented a technique based on structural entropy measurement as an effective way to detect metamorphic malware.  ...  Malware detection has also been attempted through the use of adaptive data compression and showed promising results.  ...  analysis to detect metamorphic malware.  ... 
doi:10.1504/ijsn.2015.070426 fatcat:kbrm22owe5fwppbku5d6m6sipy

Deep learning based Sequential model for malware analysis using Windows exe API Calls

Ferhat Ozgur Catak, Ahmet Faruk Yazı, Ogerta Elezaj, Javed Ahmed
2020 PeerJ Computer Science  
It is quite impossible for anti-virus applications using traditional signature-based methods to detect metamorphic malware, which makes it difficult to classify this type of malware accordingly.  ...  Recent research literature about malware detection and classification discusses this issue related to malware behavior.  ...  Since they developed this malicious software to conduct a specific malicious activity, using this information, nearly all the methods used for the detection and classification of metamorphic malware tackle  ... 
doi:10.7717/peerj-cs.285 pmid:33816936 pmcid:PMC7924690 fatcat:euacesaw2zgutly7fhbxerbbo4

A Benchmark API Call Dataset for Windows PE Malware Classification [article]

Ferhat Ozgur Catak, Ahmet Faruk Yazı
2021 arXiv   pre-print
The use of operating system API calls is a promising task in the detection of PE-type malware in the Windows operating system.  ...  Finally, we will describe how to perform malware classification tasks using different computational methods for the researchers who will use the data set we have created.  ...  All of the methods used by analysts to detect malicious software is called malware analysis. Malware analysis is a very broad term and includes many stages.  ... 
arXiv:1905.01999v2 fatcat:4fqmgaougvbldjs5qzrqm5ymxm

A Simple Method for Detection of Metamorphic Malware using Dynamic Analysis and Text Mining

S.P. Choudhary, Miss Deepti Vidyarthi
2015 Procedia Computer Science  
Metamorphic malware are the most challenging threat in digital world, which are quite advanced and have actually reduced the significance of signature based detection.  ...  These malware use code obfuscation to mutate and have numerous forms thus increasing the size of signature database; make it unmanageable and incomplete to cover all variants.  ...  These malware have a decryption engine which may be common and whose signature may be used for detection. Metamorphic malware use changes in code to mutate itself, this is called Code Obfuscation.  ... 
doi:10.1016/j.procs.2015.06.031 fatcat:byn6tlvgvng7vboaxp724ot67m

Metamorphic Malware Detection Using Linear Discriminant Analysis and Graph Similarity [article]

Reza Mirzazadeh, Mohammad Hossein Moattar, Majid Vafaei Jahan
2018 arXiv   pre-print
OGS tries to detect metamorphic malware using the similarity of opcode graphs.  ...  In this method, all nodes and edges have a respective effect on classification, but in the proposed method, edges of graphs are pruned using Linear Discriminant Analysis (LDA).  ...  Many methods have been proposed to detect metamorphic viruses, which can be categorized into two families: those that use dynamic analysis and those that rely on static analysis of the code. [2] .  ... 
arXiv:1811.04304v1 fatcat:qfuqjifuqncvra4ukngdp4htge

Behavior-based features model for malware detection

Hisham Shehata Galal, Yousef Bassyouni Mahdy, Mohammed Ali Atiea
2015 Journal in Computer Virology and Hacking Techniques  
Malware variants share similar behaviors yet they have different syntactic structure due to the incorporation of many obfuscation and code change techniques such as polymorphism and metamorphism.  ...  To extract the proposed model, we first perform dynamic analysis on a relatively recent malware dataset inside a controlled virtual environment and capture traces of API calls invoked by malware instances  ...  [19] have used (HMM) analysis to detect certain challenging classes of malware. In their research, they considered the related problem of malware variants classification based on HMMs.  ... 
doi:10.1007/s11416-015-0244-0 fatcat:wdejku6rrrbkjntnm2v6emilbe

Detection of Malicious Software by Analyzing Distinct Artifacts Using Machine Learning and Deep Learning Algorithms

Mathew Ashik, A. Jyothish, S. Anandaram, P. Vinod, Francesco Mercaldo, Fabio Martinelli, Antonella Santone
2021 Electronics  
Traditionally, anti-malware products use signatures for detecting known malware. However, the signature-based method does not scale in detecting obfuscated and packed malware.  ...  Prominent features are extracted using Minimum Redundancy and Maximum Relevance (mRMR) and Analysis of Variance (ANOVA).  ...  [13] Classification algorithm that uses static features called Malware Classification using SimHash and CNN. Time required for malware detection and classification was comparatively more. Z.  ... 
doi:10.3390/electronics10141694 fatcat:wj5oa566gzcjldfq62kqnc3mrm

A Comparison of Malware Detection Techniques Based on Hidden Markov Model

Saja Alqurashi, Omar Batarfi
2016 Journal of Information Security  
The three major techniques used for malware detection are heuristic, signature-based, and behavior based. Among these, the most prevalent is the heuristic based malware detection.  ...  In this paper, we present the Hidden Markov Model as a cutting edge malware detection tool and a comprehensive review of different studies that employ HMM as a detection tool.  ...  Comparison Article Pros strengths Cons/limitations Analysis and Detection of Metamorphic Computer Viruses [3] [4] Used HMM as detection and has ability to identify all malware.  ... 
doi:10.4236/jis.2016.73017 fatcat:c7miqy6wsre5riu4lqnnwpbteq

Grouping the executables to detect malware with high accuracy [article]

Sanjay K. Sahay, Ashu Sharma
2016 arXiv   pre-print
, LMT, FT and NBT) classifiers to detect variants of malware or unknown malware.  ...  This paper discusses the study of malware and benign executables in groups to detect unknown malware with high accuracy.  ...  We are also thankful to IUCAA, Pune for providing hospitality and computation facility where part of the work was carried out.  ... 
arXiv:1606.06908v1 fatcat:h6ipy6ggejcbjjbmuprvkpw6jq