Filters








214 Hits in 5.0 sec

Effective methods to detect metamorphic malware: a systematic review

Mustafa Irshad, Haider M. Al Khateeb, Ali Mansour, Moses Ashawa, Muhammad Hamisu
2018 International Journal of Electronic Security and Digital Forensics  
The majority of the reviewed detection methods used Opcode, Control Flow Graph (CFG) and API Call Graph.  ...  Key challenges facing the detection of metamorphic malware include code obfuscation, lack of dynamic capabilities to analyse code and application difficulty.  ...  When API Call Graph is used, extracted API call lists and its parameters would be incorrect when the Malware uses encryption.  ... 
doi:10.1504/ijesdf.2018.090948 fatcat:dwzh3mhbofbdlawxuqptb2inuq

Hunting for metamorphic JavaScript malware

Mangesh Musale, Thomas H. Austin, Mark Stamp
2014 Journal in Computer Virology and Hacking Techniques  
From the malware writer's perspective, one potential advantage of JavaScript is that powerful code obfuscation techniques can be applied to evade detection.  ...  In this research, we analyze metamorphic JavaScript malware.  ...  We test the resulting enhanced malware using the same scores used in the previous section, namely, HMM, opcode graph similarity, simple substitution distance, and SVD scores.  ... 
doi:10.1007/s11416-014-0225-8 fatcat:5cx6m3hrr5cujhyzvt4ku2iuey

Annotated Control Flow Graph for Metamorphic Malware Detection

Shahid Alam, Issa Traore, Ibrahim Sogukpinar
2014 Computer journal  
ACFG is built by annotating CFG of a binary program and is used for graph and pattern matching to analyse and detect metamorphic malware.  ...  Metamorphism is a technique that mutates the binary code using different obfuscations and never keeps the same sequence of opcodes in the memory.  ...  On the assumption and the motivation described above, we propose a new technique named Annotated Control Flow Graph (ACFG) that can enhance the detection of metamorphic malware and can handle malware with  ... 
doi:10.1093/comjnl/bxu148 fatcat:m5znph6uffcl3a26pcsypvnclq

Detecting and Classifying Morphed Malwares: A Survey

Sanjam Singla, Ekta Gandotra, Divya Bansal, Sanjeev Sofat
2015 International Journal of Computer Applications  
In this era, most of the antivirus companies are facing immense difficulty in detecting morphed malwares as they conceal themselves from detection.  ...  These obscure methods cannot completely impede analysis, but it prolongs the process of analysis and detection.  ...  In [37] authors suggested that using code graph can be helpful for analyzing and detecting malware. Furthermore, system call sequence was analysed and a topological graph was produced.  ... 
doi:10.5120/21738-4937 fatcat:ryuz3x62jncflnjppysikvyafa

A framework for metamorphic malware analysis and real-time detection

Shahid Alam, R.Nigel Horspool, Issa Traore, Ibrahim Sogukpinar
2015 Computers & security  
Each MAIL statement is assigned a pattern that can be used to annotate a control flow graph for pattern matching to analyse and detect metamorphic malware.  ...  As part of the new framework, to build a behavioral signature and detect metamorphic malware in real-time, we propose two novel techniques, named ACFG (Annotated Control Flow Graph) and SWOD-CFWeight (  ...  ACFG can enhance the detection of metamorphic malware and can handle malware with smaller CFGs.  ... 
doi:10.1016/j.cose.2014.10.011 fatcat:wfvcjrwn6fflnifsvutkz3c3gq

MAIL: Malware Analysis Intermediate Language

Shahid Alam, R. Nigel Horspool, Issa Traore
2013 Proceedings of the 6th International Conference on Security of Information and Networks - SIN '13  
Each MAIL statement is assigned a pattern that can be used to annotate a control flow graph for pattern matching to analyse and detect metamorphic malware.  ...  Experimental evaluation of the proposed approach using an existing dataset yields malware detection rate of 93.92% and false positive rate of 3.02%.  ...  If an unknown metamorphic malware uses all or some of the same class of behaviors as are used by the training dataset (set of old metamorphic malware) then it is possible to detect these type of malware  ... 
doi:10.1145/2523514.2527006 dblp:conf/sin/AlamHT13 fatcat:enxc3uwkb5daxbvqj5nx7ppvjq

Improving the Detection of Malware Behaviour Using Simplified Data Dependent API Call Graph

Ammar Ahmed Elhadi, Mohd Aizaini Maarof, Bazara Barry
2013 International Journal of Security and Its Applications  
Matching the API call graph using graph matching algorithm have NP-complete problem and is slow because of computational complexity .In this study, a malware detection system based on API call graph is  ...  They can also be used to find procedures that are never called. The formal definition of a call graph is provided in terms of a directed graph as follows:  ...  The authors would like to thank Research Management Centre (RMC) Universiti Teknologi Malaysia and ELmashreq College for Science and Technology (MCST) for the support and incisive comments in making this  ... 
doi:10.14257/ijsia.2013.7.5.03 fatcat:pt7p2p6gjrbcndyvzjxf2ur6m4

Enhanced metamorphic techniques -A case study against Havex malware

Zainub Mumtaz, Mehreen Afzal, Waseem Iqbal, Waqas Aman, Naima Altaf
2021 IEEE Access  
In many researches, HMMs are used to detect metamorphic malware including those produced using commercially available metamorphic malware generators.  ...  To make detection of this code difficult, calls are made to these subroutines.  ... 
doi:10.1109/access.2021.3102073 fatcat:7zc547zejrg5tdtmv7c3lijbjy

A Comparison of Malware Detection Techniques Based on Hidden Markov Model

Saja Alqurashi, Omar Batarfi
2016 Journal of Information Security  
The three major techniques used for malware detection are heuristic, signature-based, and behavior based. Among these, the most prevalent is the heuristic based malware detection.  ...  In this paper, we present the Hidden Markov Model as a cutting edge malware detection tool and a comprehensive review of different studies that employ HMM as a detection tool.  ...  The following graph shows us the architecture of the Code Emulator Process Flow.  ... 
doi:10.4236/jis.2016.73017 fatcat:c7miqy6wsre5riu4lqnnwpbteq

AGIS: Towards automatic generation of infection signatures

Zhuowei Li, XiaoFeng Wang, Zhenkai Liang, Michael K. Reiter
2008 2008 IEEE International Conference on Dependable Systems and Networks With FTCS and DCC (DSN)  
To this end, we develop AGIS, the first host-based technique that detects infections by novel malware and automatically generates an infection signature of the malware.  ...  or API calls.  ...  Detection of metamorphic malware is an undecidable problem in general.  ... 
doi:10.1109/dsn.2008.4630092 dblp:conf/dsn/LiWLR08 fatcat:qejbs4qtxnfopnzja5hekepeae

A Dynamic Malware Detection in Cloud Platform

Nani Lee Yer Fui, Aziah Asmawi, Masnida Hussin
2020 International journal of difference equations  
However, due to the complex environment and scalability of services, one of the highest security issues is malware attacks, where some of the antivirus scanner unable to detect metamorphic malware or encrypted  ...  The objective of this work is to study and performs detection based on dynamic malware analysis and classification is through the WEKA classifier and Random Forest Jupyter Notebook.  ...  Acknowledgement The authors would like to thanks Universiti Putra Malaysia as this study is part of the Putra IPM Grant (GP-IPM/2019/9676100).  ... 
doi:10.37622/ijde/15.2.2020.243-258 fatcat:3suhiwp36zh6bdi5idrm3vvzaa

The rise of obfuscated Android malware and impacts on detection methods

Wael F. Elsersy, Ali Feizollah, Nor Badrul Anuar
2022 PeerJ Computer Science  
The concern of encountering difficulties in malware reverse engineering motivates researchers to secure the source code of benign Android applications using evasion techniques.  ...  The study criticizes the existing research gap of detection in the latest Android malware detection frameworks and challenges the classification performance against various evasion techniques.  ...  This type of transformation obfuscates the call graph detection technique by redirecting function calls and creating a maze of calls (Gascon et al., 2013) .  ... 
doi:10.7717/peerj-cs.907 pmid:35494876 pmcid:PMC9044361 fatcat:cpbfkiw4bvd3rjx7a3f7ckictu

An Efficient Mining Based Approach Using PSO Selection Technique For Analysis and Detection of Obfuscated Malware

Ali Zafar, Tariq Rahim Soomro
2018 Journal of Information Assurance & Cybersecurity  
Malware developers use obfuscation techniques to hide malwares structure from detection of Anti-Virus (AV) programs, which use signature based detection; it is almost hard to detect the zero day attack  ...  Malware writers use packing mechanism to keep the malicious code harder during the signature-based detection and bypass easily.  ...  The authors proposed a framework for malware detection using signature based and behavior based call graph.  ... 
doi:10.5171/2018.836339 fatcat:ag7v4jcbjbbcjk3gbh5ofnh7mi

A Novel Method for Detecting Future Generations of Targeted and Metamorphic Malware Based on Genetic Algorithm

Danial Javaheri, Pooia Lalbakhsh, Mehdi Hosseinzadeh
2021 IEEE Access  
The proposed method used sequences of local sensitive API invocation and function-call graphs to recognize the behavioral pattern of malware through manually static code analysis.  ...  This is more obvious when the model is used to detect rare, polymorphic, and metamorphic classes of malware.  ...  Hosseinzadeh has made a significant contribution to the advancement of knowledge in his area of expertise, with more than one hundred and fifty publications and four thousand citations.  ... 
doi:10.1109/access.2021.3077295 fatcat:xw46un4iw5ac5nbtl5zdfrfv3e

Survey on Representation Techniques for Malware Detection System

Gamal Abdel Nassir Mohamed, Norafida Bte Ithnin
2017 American Journal of Applied Sciences  
Hence the study of malware detection techniques has become more important and challenging within the security field.  ...  programmingbased tools that could be used to represent the malware sampled.  ...  The main issues of using API call graph for detecting malware may be listed as: • Input pre-processing • API call graph construction • API call graph optimization • API call graph matching and similarity  ... 
doi:10.3844/ajassp.2017.1049.1069 fatcat:5nl4tt3zyneklelajprm5v7ohi
« Previous Showing results 1 — 15 out of 214 results