A Design of Network Behavior-Based Malware Detection System for Android

Author(s): Yincheng Qi, Mingjing Cao, Can Zhang, Ruping Wu

2014, Vol 11 (6), pp. 551-566
Author(s): MeongJae Seong, Haeryong Park, Bomin Choi, Eul Gyu Im

2019, Vol 15 (11), pp. 155014771988990
Author(s): Mohamed Belaoued, Abdelaziz Boukellal, Mohamed Amir Koalal, Abdelouahid Derhab, Smaine Mazouzi, ...

Malware have become the scourge of the century, as they are continuously evolving and becoming more complex with increasing damages. Therefore, adequate protection against such threats is vital. Behavior-based malware detection techniques have been shown to be effective at overcoming the weaknesses of the signature-based ones. However, they are known for their high false alarms, which is still a very challenging problem. In this article, we address this shortcoming by proposing a rule-based behavioral malware detection system, which inherits the advantages of both signature and behavior-based approaches. We apply the proposed detection system on a combined set of three types of dynamic features, namely, (1) list of application programming interface calls; (2) application programming interface sequences; and (3) network traffic, which represents the IP addresses and domain names used by malware to connect to remote command-and-control servers. Feature selection and construction techniques, that is, term frequency–inverse document frequency and longest common subsequence, are performed on the three extracted features to generate a new set of features, which are used to build behavioral Yet Another Recursive Acronym rules. The proposed malware detection approach is able to achieve an accuracy of 97.22% and a false positive rate of 4.69%.


Author(s): K. Thebeyanthan, M. Achsuthan, S. Ashok, P. Vaikunthan, A. N. Senaratne, ...

Information, 2021, Vol 12 (3), pp. 118
Author(s): Vassilios Moussas, Antonios Andreatos

Malware creators generate new malicious software samples by making minor changes in previously generated code, in order to reuse malicious code, as well as to go unnoticed by signature-based antivirus software. As a result, various families of variations of the same initial code exist today. Visualization of compiled executables for malware analysis was proposed several years ago. Visualization can greatly assist malware classification and requires neither disassembly nor code execution. Moreover, new variations of known malware families are instantly detected, in contrast to traditional signature-based antivirus software. This paper addresses the problem of identifying variations of existing malware visualized as images. A new malware detection system based on a two-level Artificial Neural Network (ANN) is proposed. The classification is based on file and image features. The proposed system is tested on the ‘Malimg’ dataset consisting of the visual representation of well-known malware families. From this set some important image features are extracted. Based on these features, the ANN is trained. Then, this ANN is used to detect and classify other samples of the dataset. Malware families creating confusion are classified by a second level of ANNs. The proposed two-level ANN method excels in simplicity, accuracy, and speed; it is easy to implement and fast to run, thus it can be applied to antivirus software, smart firewalls, web applications, etc.


Entropy, 2021, Vol 23 (3), pp. 344
Author(s): Jeyaprakash Hemalatha, S. Abijah Roseline, Subbiah Geetha, Seifedine Kadry, Robertas Damaševičius

Recently, there has been a huge rise in malware growth, which creates a significant security threat to organizations and individuals. Despite the incessant efforts of cybersecurity research to defend against malware threats, malware developers discover new ways to evade these defense techniques. Traditional static and dynamic analysis methods are ineffective in identifying new malware and pose high overhead in terms of memory and time. Typical machine learning approaches that train a classifier based on handcrafted features are also not sufficiently potent against these evasive techniques and require more effort due to feature engineering. Recent malware detectors indicate performance degradation due to class imbalance in malware datasets. To resolve these challenges, this work adopts a visualization-based method, where malware binaries are depicted as two-dimensional images and classified by a deep learning model. We propose an efficient malware detection system based on deep learning. The system uses a reweighted class-balanced loss function in the final classification layer of the DenseNet model to achieve significant performance improvements in classifying malware by handling imbalanced data issues. Comprehensive experiments performed on four benchmark malware datasets show that the proposed approach can detect new malware samples with higher accuracy (98.23% for the Malimg dataset, 98.46% for the BIG 2015 dataset, 98.21% for the MaleVis dataset, and 89.48% for the unseen Malicia dataset) and reduced false-positive rates when compared with conventional malware mitigation techniques while maintaining low computational time. The proposed malware detection solution is also reliable and effective against obfuscation attacks.

