Short Review on Metamorphic Malware Detection in Hidden Markov Models

Ling, Yeong Tyng; Sani, Nor Fazlida Mohd

doi:10.23956/ijarcsse/v7i2/01218

Cited by 5 publications

(5 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To identify suspicious behaviour, the model also considers how frequently specific behaviours occur. By examining the typical malware obfuscation techniques and contrasting the many research studies that utilize HMM as a detection tool, Ling and Sani [13] in 2017 introduced the Hidden Markov Model as an efficient metamorphic tool for malware detection. In a comprehensive analysis of intrusion detection methods based on hidden Markov models that was published in 2018, Ramaki, Rasoolzadegan, and Jafari [14] highlight the following six key benefits of these methods: The main benefits include accurate intrusion detection, the capacity to identify new intrusions, the capacity to predict an attacker's probable next steps, the ability to be used in real-time applications by processing data streams on the fly, the use of heterogeneous data sources as input, and the ability to visualize the knowledge acquired in comparison to other machine learning techniques.…”

Section: Introductionmentioning

confidence: 99%

Markov Models for Malware and Intrusion Detection: A Survey

Baltov

2023

SJC

View full text Add to dashboard Cite

Malicious attacks are one of the main threats facing today's most used Android and Windows operating systems, as well as the Internet of Things (IoT) and web environments. Markov models and hidden Markov models have been used successfully over the past few decades to identify a variety of malicious activity, including as viruses, worms, Trojan horses, rootkits, ransomware, and phishing assaults. But they have their limits. One of their main limitations is that they are unable to detect subtle changes in malicious behaviour. This paper presents Markov models and hidden Markov models as a tool for detecting malicious attacks and briefly reviews different studies from the past five years that use these models as a detection tool. This review, based on publications drawn from three databases, outlines the continuing interest of security researchers in these models. Most of the chosen research papers show that these models are applied to create systems that have a detection accuracy of malicious attacks above 94%. This study can be helpful to beginners who are interested in starting their research in the field of detecting malicious attacks.

show abstract

Section: Introductionmentioning

confidence: 99%

Markov Models for Malware and Intrusion Detection: A Survey

Baltov

2023

SJC

View full text Add to dashboard Cite

show abstract

“…It is important to understand and extend already existing implementations of metamorphic engines to understand the weaknesses of our detection strategies like Hidden Markov Model (HMM). According to the previous researches [6]- [8] done in the domain, HMM based detectors have been considered successful in detection of metamorphic malware which have otherwise been able to bypass commercial antiviruses.…”

Section: Introductionmentioning

confidence: 99%

Enhanced Metamorphic Techniques-A Case Study Against Havex Malware

et al. 2021

View full text Add to dashboard Cite

Most of the commercial antiviruses are signature based, that is, they use existing database signature to detect the malware. Malware authors use code obfuscation techniques in their variety of malware with the aim of bypassing detection by antiviruses. Metamorphic malware change their internal structure hence evading signature based detection. For effective defense against the malware, their construction needs to be explored. This paper includes the study of different obfuscation techniques and possibilities of their extension with focus on garbage code insertion, instruction substitution and subroutine reordering. The objective is to make detection difficult by implementing subject techniques which bypass detection. Havex malware is used as a proof of concept for our antivirus evasion strategy. We have used Hidden Markov Models (HMM), which is a statistical based machine learning detection method, to test the effectiveness of our code morphing. This has shown the strength of our implemented obfuscation techniques.

show abstract

“…However, every biometrics authentication systems have its own shortcomings based on the qualities, capturing device, database, and feature of that quality [11][12][13][14]. To solve the inadequacies of existing based biometric systems, research into finger vein identification comes to the limelight.…”

mentioning

confidence: 99%

Finger vein recognition techniques: a comprehensive review

Kolivand

Asadianfam

Akintoye

et al. 2023

Multimed Tools Appl

View full text Add to dashboard Cite

This paper discusses a comprehensive review of the previous research in the field of the finger vein recognition system with a focus on finger vein enhancements and features extraction advances and shortcomings. It starts with a general introduction of the biometric system followed by detailed descriptions on finger vein identification, and its architecture archival of it, which includes image acquisition, preprocessing of the image, feature extraction, and vein matching. This study focuses on related work proposed by previous researchers, issues in the field that originated from the related work, and a discussion of each of the issues associated and the proposed solutions to each of them. Next a comprehensive discussion on the advances and shortcomings of the existing techniques based on the qualities, capturing device, database, and feature of that quality is presented.Accurate comparisons between existing techniques are presented as tables to make it easy for new researchers to come up with advances and drawbacks of each technique without spending time on all existing research in this area.

show abstract

Short Review on Metamorphic Malware Detection in Hidden Markov Models

Cited by 5 publications

References 23 publications

Markov Models for Malware and Intrusion Detection: A Survey

Markov Models for Malware and Intrusion Detection: A Survey

Enhanced Metamorphic Techniques-A Case Study Against Havex Malware

Finger vein recognition techniques: a comprehensive review

Contact Info

Product

Resources

About