A static heuristic approach to detecting malware targets

Authors: Mohaddeseh Zakeri, Fatemeh Faraji Daneshgar, Maghsoud Abbaspour

DOI: 10.1002/SEC.1228

Keywords:

Abstract: Nowadays malware writers usually employ several obfuscation techniques to evade detection, and the number of variants detected each day has been increasing significantly. Unfortunately, traditional detection approaches such as signature scanning are becoming inefficient at detecting malware. Research shows that these obfuscations introduce anomalies in Portable Executable files. In this paper, by focusing on important static heuristic features and fuzzy classification algorithms, we tried to detect packed malware. In addition, we used preprocessing of anomaly exceptions in benign files, which improved our results. The experimental results, using over 63000 file samples, indicate that the proposed detector achieves high results with low false positive and false negative rates. Furthermore, on new samples that had been undetectable for many years by antivirus products and on custom packers, the system works well on unknown ones too. Copyright © 2015 John Wiley & Sons, Ltd.
