Mahima Choudhary
2017 International Journal of Advanced Research in Computer Science  
Abstract: Malware is a very common term today. It is very harmful to our devices, and its quantity is continuously rising. Detecting malware is proving to be a challenging task because whenever we devise a technique for its detection, attackers devise a new technique to overcome it. Presently we have two techniques for analyzing whether an application is malware or goodware: static analysis and dynamic analysis. Most anti-virus software uses signature-based detection, but it is inefficient today because of the rapid increase in the number and variants of malware. A signature is a unique identifier for a binary file, created by analyzing the binary file using static analysis methods. Dynamic analysis uses the actions and behavior during runtime to determine the type of executable (either malware or benign). Both methods have their own benefits as well as drawbacks. This paper proposes a new technique, HAML (Hybrid Analysis with Machine Learning). Hybrid analysis is the combined form of static and dynamic analysis used to analyze the executable file; machine learning is used to classify an unknown executable file. In this method, known malware and benign programs are used as training data. The feature vector is selected by analysis of the binary code and dynamic behavior. The proposed method utilizes the benefits of both static and dynamic analysis, thus improving the efficiency and the classification result. Our experimental results show an accuracy of 95.87% using static, 97.17% using dynamic and 98.72% using the embedded method. Compared to the standalone dynamic and static methods, our HAML method gives more accurate results and is shown to be more efficient.
doi:10.26483/ijarcs.v8i9.4781 fatcat:cxmoddfel5dlxduablsotrqzii