Classification of Malware Based on String and Function Feature Selection

Islam, Rafiqul; Tian, Rong; Batten, Lynn Margaret; Versteeg, Steve

doi:10.1109/ctc.2010.11

Cited by 71 publications

(38 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Since, precise and effective results are achieved by hybrid approach which eliminates the loopholes of each method. In [2,3,4] malware detection system employing hybrid features showed high accuracy and TPR in comparison with those using static and dynamic features.…”

Section: Performance Evaluationmentioning

confidence: 99%

“…They achieved a precise detection rate and low false positives compared to existing malware detection methods. In [2,3,4] investigated malware detection systems based on integrated static and dynamic analysis features using data mining approaches. An appropriate determination of malware variant depends on the feature type employed for discovering malicious activity.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Comparative Analysis of Feature Extraction Methods of Malware Detection

Ranveer¹,

Hiray²

2015

IJCA

View full text Add to dashboard Cite

Recent years have encountered massive growth in malwares which poses a severe threat to modern computers and internet security. Existing malware detection systems are confronting with unknown malware variants. Recently developed malware detection systems investigated that the diverse forms of malware exhibit similar patterns in their structure with minor variations. Hence, it is required to discriminate the types of features extracted for detecting malwares. So that potential of malware detection system can be leveraged to combat with unfamiliar malwares. We mainly focus on the categorization of features based on malware analysis. This paper highlights general framework of malware detection system and pinpoints strengths and weaknesses of each method. Finally we presented overview of performance of present malware detection systems based on features.

show abstract

Section: Performance Evaluationmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Comparative Analysis of Feature Extraction Methods of Malware Detection

Ranveer¹,

Hiray²

2015

IJCA

View full text Add to dashboard Cite

show abstract

“…Features that are commonly gleaned from a static analysis of malware include Portable Executable (PE) header metadata such as Dynamic Link Library (DLL) [21] and API calls [28], bytes sequences (or n-grams) [21,14,29], Operational Codes (OpCodes) [19,22,24], strings [21,25,12], and function length and function length frequency [26]. Strings-based techniques were shown to achieve high detection and classification accuracy compared to PE and n-grams based techniques [21,25].…”

Section: Related Workmentioning

confidence: 99%

A Scalable Malware Classification Based on Integrated Static and Dynamic Features

Bounouh

Brahimi

Al-Nemrat³

et al. 2016

Global Security, Safety and Sustainability - The Security Challenges of the Connected World

View full text Add to dashboard Cite

Abstract. This paper presents a malware classification approach which aims to improve precision and support scalability. To this end, an hybrid approach combining both static and dynamic features is adopted. The hybrid approach has the advantage of being a complete and robust solution to evasion techniques used by malware writers. The proposed methodology allowed achieving a very promising accuracy of 99.41% in classifying malware into families while considerably reducing the feature space compared to competing approaches in the literature.

show abstract

“…The recent growth in high-speed internet connections and internet network services has led to an increase in the creation of new malicious code, mainly for the theft of personal information and recruitment of computers to botnets [2]. Moreover, malware designers apply sophisticated techniques to hide the presence of their creations in a computer system, making the problem of malware detection even more difficult [3].…”

Section: Introductionmentioning

confidence: 99%

“…There are several researches that are devoted to automated classification and analysis of malicious software. Paper [2] presents an effective algorithm, which uses a diversity of static feature selection methods to identify and classify malware families and distinguish malware from goodware. Study [15] proposes a classification method based on function level similarity comparison, which is founded on the observation that most malware variants are generated with metamorphic engines or malware generating tools and that those originated from the same program share most of their components.…”

Section: Introductionmentioning

confidence: 99%