ASSCA: API sequence and statistics features combined architecture for malware detection

Authors: Lu Xiaofeng, Jiang Fangshuo, Zhou Xiao, Yi Shengwei, Sha Jing

DOI: 10.1016/J.COMNET.2019.04.007

Abstract: In this paper, a new deep learning and machine combined model is proposed for malware behavior analysis. One part of it analyzes the dependency relation in API (Application Programming Interface) call sequence at functional level, extracts features random forest to learn classify. The other employs bidirectional residual neural network study discover with redundant information preprocessing. sequence, future much more important conjecturing semantic current call. We conducted experiments on dataset. experiment results show that both methods can effectively detect malwares. However, framework has better classification performance. accuracy detection architecture 0.967.

References (24)
John Houvardas, Efstathios Stamatatos. N-Gram Feature Selection for Authorship Identification. Artificial Intelligence: Methodology, Systems, and Applications, pp. 77-86 (2006). DOI: 10.1007/11861461_10
Razvan Pascanu, Jack W. Stokes, Hermineh Sanossian, Mady Marinescu, Anil Thomas. Malware classification with recurrent networks. International Conference on Acoustics, Speech, and Signal Processing, pp. 1916-1920 (2015). DOI: 10.1109/ICASSP.2015.7178304
Charles Elkan, Zachary C. Lipton, John Berkowitz. A Critical Review of Recurrent Neural Networks for Sequence Learning. arXiv: Learning (2015).
Nikolay Kuzurin, Alexander Shokurov, Nikolay Varnovsky, Vladimir Zakharov. On the Concept of Software Obfuscation in Computer Security. Lecture Notes in Computer Science, pp. 281-298 (2007). DOI: 10.1007/978-3-540-75496-1_19
Joshua Saxe, Konstantin Berlin. Deep neural network based malware detection using two dimensional binary program features. International Conference on Malicious and Unwanted Software, pp. 11-20 (2015). DOI: 10.1109/MALWARE.2015.7413680
Mihai Christodorescu, Somesh Jha. Testing malware detectors. International Symposium on Software Testing and Analysis, vol. 29, pp. 34-44 (2004). DOI: 10.1145/1007512.1007518
Gerardo Canfora, Eric Medvet, Francesco Mercaldo, Corrado Aaron Visaggio. Detecting Android malware using sequences of system calls. Proceedings of the 3rd International Workshop on Software Development Lifecycle for Mobile, pp. 13-20 (2015). DOI: 10.1145/2804345.2804349
Parvez Faruki, Ammar Bharmal, Vijay Laxmi, Vijay Ganmoor, Manoj Singh Gaur, Mauro Conti, Muttukrishnan Rajarajan. Android Security: A Survey of Issues, Malware Penetration, and Defenses. IEEE Communications Surveys and Tutorials, vol. 17, pp. 998-1022 (2015). DOI: 10.1109/COMST.2014.2386139
Igor Santos, Felix Brezo, Xabier Ugarte-Pedrero, Pablo G Bringas. Opcode sequences as representation of executables for data-mining-based unknown malware detection. Information Sciences, vol. 231, pp. 64-82 (2013). DOI: 10.1016/J.INS.2011.08.020