Malware Classification through HEX Conversion and Mining

Authors: P. Kavitha, A. Pratheema Manju Prabha

DOI:

Keywords: Naive Bayes classifier; Trojan horse; Computer science; Executable; Construct (python library); Malware; Data mining

Abstract: Malicious code is normally referred to as malware. Systems remain vulnerable to traditional attacks, and attackers continue to find new ways around existing protection mechanisms in order to execute their injected code. Malware is a pervasive problem in distributed computer network systems, and new malicious executables are created at a rate of thousands every year. Several types of threat violate these components, for example viruses, worms and Trojan horse malware. Malware represents a serious confidentiality threat since it may result in loss of control over users' private data. It is typically hidden from the user and difficult to detect, and it can create significant unwanted CPU activity, disk usage and network traffic. In such systems malicious programs can be detected by an automatic signature generation method called F-Sign, which extracts unique signatures from malware files; it is primarily intended as a high-speed process based on comparison against a common function repository. The data mining framework employed in this research learns by analyzing the behavior of benign and malicious files in large datasets. We have evaluated the performance of three robust classifiers, namely the Naive Bayes (NB) algorithm, k-Nearest Neighbor (kNN) and the J48 decision tree. The approach involves extracting opcode sequences from the dataset and constructing a classification model that identifies an executable as malicious or benign. Our approach showed 98.4% detection on malware that was not used in the model building process.
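As an added worked example (not code from the paper or its authors), the following Python sketch shows the pipeline the abstract describes: convert each executable to hex, extract overlapping byte n-grams from the hex dump as features, train a Naive Bayes classifier on labeled samples, and measure detection on held-out files that took no part in building the model. Byte n-grams are used here in place of the paper's opcode sequences (an assumption made for simplicity, since real opcode extraction needs a disassembler); the sample byte strings, their labels and the function names are all constructed for this example.

```python
"""Hex n-gram features plus multinomial Naive Bayes for malware/benign classification.

Added example, not the paper's code. Byte n-grams over the hex dump stand in for
the opcode sequences used in the paper (assumption: no disassembler is involved).
"""
import math
from collections import Counter


def hex_ngrams(data: bytes, n: int = 2) -> Counter:
    """Convert raw bytes to a hex string and count overlapping n-byte grams.

    n=2 over the bytes 90 cc 90 yields {"90cc": 1, "cc90": 1}.
    """
    hexstr = data.hex()
    feats = Counter()
    for i in range(len(data) - n + 1):
        feats[hexstr[2 * i:2 * (i + n)]] += 1  # each byte is two hex digits
    return feats


class NaiveBayes:
    """Multinomial Naive Bayes with Laplace smoothing over n-gram counts."""

    def __init__(self, alpha: float = 1.0):
        self.alpha = alpha
        self.docs = Counter()  # label -> number of training samples
        self.feats = {}        # label -> Counter of n-gram counts
        self.vocab = set()     # every n-gram seen during training

    def fit(self, samples):
        """samples: iterable of (Counter of n-grams, label)."""
        for feats, label in samples:
            self.docs[label] += 1
            self.feats.setdefault(label, Counter()).update(feats)
            self.vocab.update(feats)
        return self

    def log_posterior(self, feats: Counter, label: str) -> float:
        prior = math.log(self.docs[label] / sum(self.docs.values()))
        counts = self.feats[label]
        denom = sum(counts.values()) + self.alpha * len(self.vocab)
        # unseen n-grams get probability alpha/denom instead of zero
        lik = sum(c * math.log((counts[f] + self.alpha) / denom)
                  for f, c in feats.items())
        return prior + lik

    def predict(self, feats: Counter) -> str:
        return max(self.docs, key=lambda lbl: self.log_posterior(feats, lbl))


# Constructed toy samples (not real binaries, labels assumed for the example):
# "malicious" ones are built from a NOP sled / int3 / call pattern, "benign"
# ones from an ordinary x86 function prologue.
MALICIOUS = [
    b"\x90\x90\x90\xcc\xe8\x00\x00\x00\x00\x90\x90\xcc",
    b"\x90\x90\xcc\xe8\x00\x00\x00\x00\xcc\x90\x90\x90",
    b"\xcc\x90\x90\x90\xe8\x00\x00\x00\x00\x90\xcc\x90",
]
BENIGN = [
    b"\x55\x8b\xec\x83\xec\x10\x53\x56\x57\x8b\x7d\x08",
    b"\x55\x8b\xec\x56\x8b\x75\x08\x57\x8b\x7d\x0c\x5f",
    b"\x55\x8b\xec\x83\xec\x08\x8b\x45\x08\x5e\x5d\xc3",
]
# Held-out samples that play no part in building the model.
HELD_OUT = [
    (b"\x90\x90\xcc\xe8\x00\x00\x00\x00\x90\x90\x90\xcc", "malicious"),
    (b"\x55\x8b\xec\x83\xec\x0c\x56\x8b\x75\x08\x5e\x5d", "benign"),
]


def build_model(n: int = 2) -> NaiveBayes:
    training = [(hex_ngrams(s, n), "malicious") for s in MALICIOUS]
    training += [(hex_ngrams(s, n), "benign") for s in BENIGN]
    return NaiveBayes().fit(training)


def classify(model: NaiveBayes, sample: bytes, n: int = 2) -> str:
    return model.predict(hex_ngrams(sample, n))


def detection_rate(model: NaiveBayes, held_out, n: int = 2) -> float:
    """Fraction of held-out samples labeled correctly (the abstract's 98.4%
    figure is this kind of measurement on files unseen during training)."""
    correct = sum(classify(model, s, n) == label for s, label in held_out)
    return correct / len(held_out)


if __name__ == "__main__":
    model = build_model()
    for sample, label in HELD_OUT:
        print(sample.hex(), "->", classify(model, sample), "(expected", label + ")")
    print("held-out detection rate:", detection_rate(model, HELD_OUT))
```

The smoothing term matters in practice: a held-out file almost always contains n-grams absent from training, and without `alpha` a single unseen gram would zero out the likelihood of every class. Real deployments also need far larger datasets than the six toy samples here and a feature-selection step, since the number of distinct byte n-grams grows quickly with `n`.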
