Collective classification for packed executable identification

Igor Santos, Xabier Ugarte-Pedrero, Borja Sanz, Carlos Laorden, Pablo G. Bringas
2011 Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference on - CEAS '11  
In this paper, we propose a new method for packed executable detection that adopts a collective learning approach to reduce the labelling requirements of completely supervised approaches.  ...  Notwithstanding, supervised learning methods need the identification and labelling of a high number of packed and not packed executables.  ...  We would also like to acknowledge S21Sec for the Zeus malware family samples provided in order to set up the experimental dataset.  ... 
doi:10.1145/2030376.2030379 dblp:conf/ceas/SantosUSLB11 fatcat:4brlzovyvrbs7fmp5iu5egvgnm

File Packing from the Malware Perspective: Techniques, Analysis Approaches, and Directions for Enhancements

Trivikram Muralidharan, Aviad Cohen, Noa Gerson, Nir Nissim
2022 ACM Computing Surveys  
This paper then surveys 23 methods proposed in academic research for the detection and classification of packed portable executable (PE) files and highlights various trends in malware packing.  ...  The packing of executable files, which is one of the most common techniques for code protection, has been repurposed for code obfuscation by malware authors as a means of evading malware detectors (mainly  ...  We would also like to thank Eitam Sheetrit for his inputs on how to improve our proposed packing classification solution using the TPF classification algorithm. Lastly, we would like to thank Tomer Panker  ... 
doi:10.1145/3530810 fatcat:c6horhx3i5bevk5ibtu5y42rim

A Fine-Grained Classification Approach for the Packed Malicious Code [chapter]

Shanqing Guo, Shuangshuang Li, Yan Yu, Anlei Hu, Tao Ban
2012 Lecture Notes in Computer Science  
SVM Classifier to implement the fast detection of packed malicious code. We also show that our system achieves very high detection accuracy of packed executables, so that only executables detected as packed  ...  However, these universal unpackers are computationally expensive and scanning large collections of executables may take several hours or even days. In order to improve the computational efficiency, Machine  ...  of packed executables into the packed and non-packed, including the identification issues of different packers. We first analyze the features of the typical packed malicious code and describe how to  ... 
doi:10.1007/978-3-642-34129-8_49 fatcat:btvg5wkqajeg7lnzepyjwhjszi

An Improved Method for Packed Malware Detection using PE Header and Section Table Information

Nahid Maleki, Computer Engineering Faculty, Najafabad Branch, Islamic Azad University, Najafabad, Iran, Mehdi Bateni, Hamid Rastegari
2019 International Journal of Computer Network and Information Security  
There, a method is presented for detecting malware based on the features extracted from the PE header and section table of PE files. The packed files are detected and then unpacked.  ...  The results of the experiments consist of 971 executable files containing 761 malware and 210 clean files with an accuracy of 98.26%.  ...  Packing means a packed executable file inside another executable file. In order to detect the malware, this pack must be unpacked.  ... 
doi:10.5815/ijcnis.2019.09.02 fatcat:ybgcmfmo5bhoxp73kfx6r7off4

Birds of a Feature: Intrafamily Clustering for Version Identification of Packed Malware

Leo Hyun Park, Jungbeen Yu, Hong-Koo Kang, Taejin Lee, Taekyoung Kwon
2020 IEEE Systems Journal  
It should be noted that we do not execute lineage inference itself but refine an input for lineage inference based on version identification.  ...  Our system design is straightforward and executes stepwise feature processing and version identification.  ... 
doi:10.1109/jsyst.2019.2960076 fatcat:svhj66lnqfdbtl7zz3epikw5ue

Absent extreme learning machine algorithm with application to packed executable identification

Peidai Xie, Xinwang Liu, Jianping Yin, Yongjun Wang
2014 Neural computing & applications (Print)  
By observing the fact that some structural characteristics of a part of packed malware instances hold unreasonable values, we cast the packed executable identification tasks into an absence learning problem  ...  Extreme learning machine (ELM) has been an important research topic over the last decade due to its high efficiency, easy-implementation, unification of classification and regression, and unification of  ...  Guang-Bin Huang for the valuable comments. This work was supported by the National Natural Science Foundation of China (Project Nos. 61105050, 61170287, 61303264 and 61271252).  ... 
doi:10.1007/s00521-014-1558-4 fatcat:zszr6kpwqzge3gl6h5cuwzll5q

Identifying Ransomware - Specific Properties using Static Analysis of Executables

Deepti Vidyarthi, CRS Kumar, Subrata Rakshit
2019 IJARCCE  
The experiments show that higher accuracy of classification, using machine learning algorithms, is achieved by combining these properties with the set of generic malware properties for malware detection  ...  This paper presents the results of the study and analysis of ransomware executable files in order to identify the characteristic properties that distinguish ransomware from other malware and benign executable  ...  then with the collection of all the general and specific properties.  ... 
doi:10.17148/ijarcce.2019.8461 fatcat:34l43o3qszf75pf65336sf5zy4

Opcode sequences as representation of executables for data-mining-based unknown malware detection

Igor Santos, Felix Brezo, Xabier Ugarte-Pedrero, Pablo G. Bringas
2013 Information Sciences  
Entropy analysis initially determines if the binary has undergone a code packing transformation.  ...  A Malware, short for malicious software, means a variety of forms of hostile, intrusive, or annoying software or program code.  ...  During classification, it adopts a top-down approach and traverses a tree for classification of any instance. Moreover, Random Forest is an ensemble learner.  ... 
doi:10.1016/j.ins.2011.08.020 fatcat:74jfmvfgcres7gc7ggfxvdkfi4

A Cross-Platform Malware Variant Classification based on Image Representation

2019 KSII Transactions on Internet and Information Systems  
The existing research proved that the similarities among malware variants could be used for detection and family classification.  ...  CP-MVCS reduced computational time and improved classification accuracy by using CSGM feature description along machine learning classification.  ...  For our case, we collected 181 unpacked binary executables from Virus share [27] portal.  ... 
doi:10.3837/tiis.2019.07.023 fatcat:w3zsmghhm5d45g2ouh2cpuhyk4

Obfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware Classification

Duy-Phuc Pham, Damien Marion, Matthieu Mastio, Annelie Heuser
2021 Annual Computer Security Applications Conference  
They use numerous customized firmware and hardware, without taking into consideration security issues, which make them a target for cybercriminals, especially malware authors.  ...  altered malware samples with unseen obfuscation techniques during the training phase, and to determine what kind of obfuscations were applied to the binary, which makes our approach particularly useful for  ...  Executable classification. This scenario is a straightforward executable identification, where the model is trying to profile exactly the binary that generated the spectrogram.  ... 
doi:10.1145/3485832.3485894 fatcat:tqzl6tvwffdvxftflyzzdcyp3u

An efficient block-discriminant identification of packed malware

2015 Sadhana (Bangalore)  
Therefore, unpacking becomes a mandatory phase prior to anti-virus scanning for identifying the known malware hidden behind packing layers.  ...  The second phase (PEAL) validates inferences of ESCAPE by employing bi-classification (packed vs native) model using relevant hex byte features extracted blockwise.  ...  They have claimed classification accuracy of 87.3% and an AUC equal to 0.977. Numerous tools have been also designed to identify packed executables for malware analysis.  ... 
doi:10.1007/s12046-015-0399-x fatcat:kuyo2ztuhbfl5jjadoehb7byo4

Evolving Computational Intelligence System for Malware Detection [chapter]

Konstantinos Demertzis, Lazaros Iliadis
2014 Lecture Notes in Business Information Processing  
It is an Evolving Computational Intelligence System for Malware Detection (ECISMD) which performs classification by Evolving Spiking Neural Networks (eSNN), in order to properly label a packed executable  ...  On the other hand, it uses an Evolving Classification Function (ECF) for the detection of malwares and applies Genetic Algorithms to achieve ECF Optimization.  ...  Scanning large collections of executables, may take hours or days.  ... 
doi:10.1007/978-3-319-07869-4_30 fatcat:n2pyy7xzybaitmxxrpgqiggc3q

Classification Method for Imbalanced Data using Ensemble Learning System

In this paper, we propose a grouping based subset troupe learning strategy for taking care of class imbalanced issue.  ...  bunching based Under-inspecting, at that point, a further grouping of new training sets is performed by applying four calculations: Decision Tree, Naive Bayes, KNN and SVM, as the base algorithms in joined packing  ...  Packing is abbreviated type of bootstrap total. It is the main successful method for outfit learning and is one of the clear techniques for versatile weight and joining.  ... 
doi:10.35940/ijitee.b6289.129219 fatcat:nkiv7ygxrbf37hmz5f3pejt4vi

Image Clustering using K-Means on Marine Products

This research succeeds 83% accuracy for bunch the images into nine clusters  ...  In this study, the researcher collected 360 marine product images consist of red snapper, prawn, silver belly, pomfret, mackerel, cuttle fish, lobster, crab and sardine to conduct try-outs at first.  ...  GLCM and K-means have been executed in MATLAB for real marine products images.  ... 
doi:10.35940/ijitee.d1369.029420 fatcat:tomwfwmpujccjhausxf5rpb5cm

Dynamic Malware Analysis and Detection in Virtual Environment

Akshatha Sujyothi, Shreenath Acharya
2017 International Journal of Modern Education and Computer Science  
Thus, automated dynamic malware analysis becomes a widely preferred technique for the identification of unknown malware.  ...  efficient detection of unknown malware compared to the traditional hierarchical classification approach.  ...  The execution traces are collected in the form of a textual report.  ... 
doi:10.5815/ijmecs.2017.03.06 fatcat:b4ek3kj2cbcirocnq73e6b7ecy