Integrated Feature Extraction Approach Towards Detection of Polymorphic Malware In Executable Files
Emmanuel Masabo, Kyanda Swaib Kaawaase, Julianne Sansa-Otim, Damien Hanyurwimfura
Pages - 25 - 33 | Revised - 31-03-2017 | Published - 30-04-2017
KEYWORDS
Malware Detection, Static Analysis, Dynamic Analysis, Polymorphic Malware, Machine Learning.
ABSTRACT
Some malware is sophisticated, using polymorphic techniques such as self-mutation and evasion of emulation-based analysis. Most anti-malware techniques are overwhelmed by polymorphic malware threats that self-mutate into different variants at every attack. This research aims to contribute to the detection of malicious code, especially polymorphic malware, by utilizing advanced static and advanced dynamic analyses to extract more informative key features of malware through code analysis, memory analysis and behavioral analysis. A correlation-based feature selection algorithm will be used to transform features, i.e. to filter and select optimal and relevant features. A machine learning technique called K-Nearest Neighbor (K-NN) will be used for classification and detection of polymorphic malware. Evaluation of results will be based on the following metrics: True Positive Rate (TPR), False Positive Rate (FPR) and the overall detection accuracy of experiments.
Mr. Emmanuel Masabo
College of Computing and Information Sciences
Makerere University, Kampala, Uganda - Uganda
masabem@gmail.com
Dr. Kyanda Swaib Kaawaase
College of Computing and Information Sciences
Makerere University, Kampala, Uganda - Uganda
Dr. Julianne Sansa-Otim
College of Computing and Information Sciences,
Makerere University, Kampala, Uganda - Uganda
Dr. Damien Hanyurwimfura
College of Science and Technology
University of Rwanda, Kigali, Rwanda - Rwanda