Analysis and Evaluation of Dynamic Feature-Based Malware Detection Methods

2019 ◽  
pp. 247-258 ◽  
Author(s):  
Arzu Gorgulu Kakisim ◽  
Mert Nar ◽  
Necmettin Carkaci ◽  
Ibrahim Sogukpinar
Keyword(s):  
Malware Detection ◽  
Detection Methods ◽  
Dynamic Feature ◽  
Analysis And Evaluation ◽  
Feature Based

scholarly journals Dynamic detection of mobile malware using smartphone data and machine learning

2021 ◽  
Author(s):  
Sebastian Panman de Wit ◽  
Doina Bucur ◽  
Jeroen van der Ham
Keyword(s):  
Machine Learning ◽  
Malware Detection ◽  
Real Life ◽  
Detection Methods ◽  
Nearest Neighbour ◽  
Dynamic Features ◽  
Machine Learning Classifiers ◽  
Cpu Usage ◽  
Mobile Malware ◽  
Mobile Malware Detection

Mobile malware are malicious programs that target mobile devices. They are an increasing problem, as seen in the rise of detected mobile malware samples per year. The number of active smartphone users is expected to grow, stressing the importance of research on the detection of mobile malware. Detection methods for mobile malware exist but are still limited. In this paper, we propose dynamic malware-detection methods that use device information such as the CPU usage, battery usage, and memory usage for the detection of 10 subtypes of Mobile Trojans on the Android Operating System (OS). We use a real-life sensor dataset containing device and malware data from 47 users for a year (2016) to create multiple mobile malware detection methods. We examine which features, i.e. aspects, of a device, are most important to monitor to detect (subtypes of) Mobile Trojans. The focus of this paper is on dynamic hardware features. Using these dynamic features we apply the following machine learning classifiers: Random Forest, K-Nearest Neighbour, and AdaBoost.

scholarly journals Survey on Mobile Malware Analysis and Detection

2018 ◽  
Vol 7 (2.32) ◽  
pp. 279 ◽  
Author(s):  
K Swetha ◽  
K V.D.Kiran
Keyword(s):  
Mobile Phones ◽  
Malware Detection ◽  
Detection Methods ◽  
Classification Algorithms ◽  
Malware Analysis ◽  
Consistent System ◽  
Malware Classification ◽  
Mobile Malware

The amazing advances of mobile phones enable their wide utilize. Since mobiles are joined with pariah applications, bundles of security and insurance issues are incited. But, current mobile malware analysis and detection advances are as yet flawed, incapable, and incomprehensive. On account of particular qualities of mobiles such as constrained assets, user action and neighborhood correspondence ability, consistent system network, versatile malware detection faces new difficulties, particularly on remarkable runtime malware area. This paper provides overview on  malware classification, methodologies of assessment, analysis and on and off device detection methods on android. The work mainly focuses on different classification algorithms which are used as a part of dynamic malware detection on android.  

scholarly journals Permission Sensitivity-Based Malicious Application Detection for Android

2021 ◽  
Vol 2021 ◽  
pp. 1-12
Author(s):  
Yubo Song ◽  
Yijin Geng ◽  
Junbo Wang ◽  
Shang Gao ◽  
Wei Shi
Keyword(s):  
Detection Method ◽  
Malware Detection ◽  
Feature Selection Method ◽  
Machine Learning Algorithms ◽  
Detection Methods ◽  
Detection Accuracy ◽  
Android Malware ◽  
Android Malware Detection ◽  
Private Data ◽  
Weight Allocation

Since a growing number of malicious applications attempt to steal users’ private data by illegally invoking permissions, application stores have carried out many malware detection methods based on application permissions. However, most of them ignore specific permission combinations and application categories that affect the detection accuracy. The features they extracted are neither representative enough to distinguish benign and malicious applications. For these problems, an Android malware detection method based on permission sensitivity is proposed. First, for each kind of application categories, the permission features and permission combination features are extracted. The sensitive permission feature set corresponding to each category label is then obtained by the feature selection method based on permission sensitivity. In the following step, the permission call situation of the application to be detected is compared with the sensitive permission feature set, and the weight allocation method is used to quantify this information into numerical features. In the proposed method of malicious application detection, three machine-learning algorithms are selected to construct the classifier model and optimize the parameters. Compared with traditional methods, the proposed method consumed 60.94% less time while still achieving high accuracy of up to 92.17%.

scholarly journals Automatic Benchmark Generation Framework for Malware Detection

2018 ◽  
Vol 2018 ◽  
pp. 1-8 ◽  
Author(s):  
Guanghui Liang ◽  
Jianmin Pang ◽  
Zheng Shan ◽  
Runqing Yang ◽  
Yihang Chen
Keyword(s):  
Initial Data ◽  
Malware Detection ◽  
Detection Methods ◽  
Small Data ◽  
Security Threats ◽  
Improved Genetic Algorithm ◽  
Data Set ◽  
Detection Model ◽  
Manual Selection ◽  
Selection Of

To address emerging security threats, various malware detection methods have been proposed every year. Therefore, a small but representative set of malware samples are usually needed for detection model, especially for machine-learning-based malware detection models. However, current manual selection of representative samples from large unknown file collection is labor intensive and not scalable. In this paper, we firstly propose a framework that can automatically generate a small data set for malware detection. With this framework, we extract behavior features from a large initial data set and then use a hierarchical clustering technique to identify different types of malware. An improved genetic algorithm based on roulette wheel sampling is implemented to generate final test data set. The final data set is only one-eighteenth the volume of the initial data set, and evaluations show that the data set selected by the proposed framework is much smaller than the original one but does not lose nearly any semantics.

Web-Enabled Feature-Based Modeling in a Distributed Design Environment

1999 ◽  
Author(s):  
Jae Yeol Lee ◽  
Hyun Kim ◽  
Sung-Bae Han
Keyword(s):  
Collaborative Design ◽  
Feature Modeling ◽  
Feature Model ◽  
Internet Technology ◽  
Global Network ◽  
Dynamic Feature ◽  
Distributed Design ◽  
Product Modeling ◽  
Design Environment ◽  
Feature Based

Abstract Network and Internet technology open up another domain for building future CAD/CAM environments. The environment will be global, network-centric, and spatially distributed. In this paper, we present Web-enabled feature-based modeling in a distributed design environment. The presented approach combines the current feature-based modeling technique with distributed computing and communication technology for supporting product modeling and collaborative design activities over the network. The approach is implemented in a client/server architecture, in which Web-enabled feature modeling clients, neutral feature model server, and other applications communicate with one another via a standard communication protocol. The paper discusses how the neutral feature model supports multiple views and maintains naming consistency between geometric entities of the server and clients as the user edits the part in a client. Moreover, it explains how to minimize the network delay between the server and client according to dynamic feature modeling operations.

Intelligent Malware Detection Using Deep Dilated Residual Networks for Cyber Security

2021 ◽  
pp. 1085-1099
Author(s):  
S. Abijah Roseline ◽  
S. Geetha
Keyword(s):  
Machine Learning ◽  
Cyber Security ◽  
Machine Learning Algorithms ◽  
Human Interaction ◽  
Machine Learning Techniques ◽  
Detection Methods ◽  
Security Threat ◽  
Signature Detection ◽  
Learning Techniques ◽  
Feature Based

Malware is the most serious security threat, which possibly targets billions of devices like personal computers, smartphones, etc. across the world. Malware classification and detection is a challenging task due to the targeted, zero-day, and stealthy nature of advanced and new malwares. The traditional signature detection methods like antivirus software were effective for detecting known malwares. At present, there are various solutions for detection of such unknown malwares employing feature-based machine learning algorithms. Machine learning techniques detect known malwares effectively but are not optimal and show a low accuracy rate for unknown malwares. This chapter explores a novel deep learning model called deep dilated residual network model for malware image classification. The proposed model showed a higher accuracy of 98.50% and 99.14% on Kaggle Malimg and BIG 2015 datasets, respectively. The new malwares can be handled in real-time with minimal human interaction using the proposed deep residual model.

scholarly journals An API Semantics-Aware Malware Detection Method Based on Deep Learning

2019 ◽  
Vol 2019 ◽  
pp. 1-9 ◽  
Author(s):  
Xin Ma ◽  
Shize Guo ◽  
Wei Bai ◽  
Jun Chen ◽  
Shiming Xia ◽  
...  
Keyword(s):  
Machine Learning ◽  
Detection Method ◽  
Malware Detection ◽  
Poor Performance ◽  
Detection Methods ◽  
Interference Detection ◽  
Machine Learning Method ◽  
Accuracy Rate ◽  
Malware Classification ◽  
Self Protection

The explosive growth of malware variants poses a continuously and deeply evolving challenge to information security. Traditional malware detection methods require a lot of manpower. However, machine learning has played an important role on malware classification and detection, and it is easily spoofed by malware disguising to be benign software by employing self-protection techniques, which leads to poor performance for existing techniques based on the machine learning method. In this paper, we analyze the local maliciousness about malware and implement an anti-interference detection framework based on API fragments, which uses the LSTM model to classify API fragments and employs ensemble learning to determine the final result of the entire API sequence. We present our experimental results on Ali-Tianchi contest API databases. By comparing with the experiments of some common methods, it is proved that our method based on local maliciousness has better performance, which is a higher accuracy rate of 0.9734.

scholarly journals A Dynamic Feature-Based Method for Hybrid Blurred/Multiple Object Detection in Manufacturing Processes

2016 ◽  
Vol 2016 ◽  
pp. 1-13 ◽  
Author(s):  
Tsun-Kuo Lin
Keyword(s):  
Wavelet Transform ◽  
Region Growing ◽  
Support Vector ◽  
Manufacturing Processes ◽  
Dynamic Feature ◽  
Classification Methods ◽  
Multiple Objects ◽  
Multiple Object ◽  
Feature Based ◽  
Inspection Schemes

Vision-based inspection has been applied for quality control and product sorting in manufacturing processes. Blurred or multiple objects are common causes of poor performance in conventional vision-based inspection systems. Detecting hybrid blurred/multiple objects has long been a challenge in manufacturing. For example, single-feature-based algorithms might fail to exactly extract features when concurrently detecting hybrid blurred/multiple objects. Therefore, to resolve this problem, this study proposes a novel vision-based inspection algorithm that entails selecting a dynamic feature-based method on the basis of a multiclassifier of support vector machines (SVMs) for inspecting hybrid blurred/multiple object images. The proposed algorithm dynamically selects suitable inspection schemes for classifying the hybrid images. The inspection schemes include discrete wavelet transform, spherical wavelet transform, moment invariants, and edge-feature-descriptor-based classification methods. The classification methods for single and multiple objects are adaptive region growing- (ARG-) based and local adaptive region growing- (LARG-) based learning approaches, respectively. The experimental results demonstrate that the proposed algorithm can dynamically select suitable inspection schemes by applying a selection algorithm, which uses SVMs for classifying hybrid blurred/multiple object samples. Moreover, the method applies suitable feature-based schemes on the basis of the classification results for employing the ARG/LARG-based method to inspect the hybrid objects. The method improves conventional methods for inspecting hybrid blurred/multiple objects and achieves high recognition rates for that in manufacturing processes.

Sign in / Sign up

Export Citation Format

Share Document