2020
DOI: 10.1016/j.future.2019.04.044
|View full text |Cite
|
Sign up to set email alerts
|

Similarity hash based scoring of portable executable files for efficient malware detection in IoT

Abstract: The current rise in malicious attacks shows that existing security systems are bypassed by malicious files. Similarity hashing has been adopted for sample triaging in malware analysis and detection. File similarity is used to cluster malware into families such that their common signature can be designed. This paper explores four hash types currently used in malware analysis for portable executable (PE) files. Although each hashing technique produces interesting results, when applied independently, they have hi… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
21
0

Year Published

2020
2020
2024
2024

Publication Types

Select...
7
3

Relationship

0
10

Authors

Journals

citations
Cited by 43 publications
(24 citation statements)
references
References 19 publications
(24 reference statements)
0
21
0
Order By: Relevance
“…It can be used as a data augmentation technique to generate high quality synthetic samples. Paper [26] investigates into a central issue of how different hashing techniques can be combined to provide a quantitative malware score and to achieve better detection rates. They design and develop a novel approach for malware scoring based on the hashes results.…”
Section: Methods Based On Improvement Deep Learningmentioning
confidence: 99%
“…It can be used as a data augmentation technique to generate high quality synthetic samples. Paper [26] investigates into a central issue of how different hashing techniques can be combined to provide a quantitative malware score and to achieve better detection rates. They design and develop a novel approach for malware scoring based on the hashes results.…”
Section: Methods Based On Improvement Deep Learningmentioning
confidence: 99%
“…Later, Term Frequency-Inverse Document Frequency (TF-IDF) and Information Gain (IG) were also applied as classification algorithms. In 2019, researcher [29] proposed a malware detection approach in the IoT environment based on similarity hashing algorithm-based. In proposed technique, scores of binaries were calculated to identify the similarity between malicious PEs.…”
Section: Related Workmentioning
confidence: 99%
“…In the present study, 10 different marble images, namely Afyon Violet, Barred Marmara, Burdur Coffee, Bursa Dark Beige, Diana Rose, Ege Cofee, Burdur Coffee, Karacabey Black, Toros Black, and Tundra Gray, were classified. The classification performance was evaluated using accuracy, F1score, recall, precision, false-positive, and receiver operating [30][31][32].…”
Section: Metricsmentioning
confidence: 99%