scholarly journals An incremental malware detection model for meta-feature API and system call sequence

2020 ◽  
Author(s):  
Pushkar Kishore ◽  
Swadhin Kumar Barisal ◽  
Durga Prasad Mohapatra
Keyword(s):  
Malware Detection ◽  
System Call ◽  
Detection Model ◽  
Call Sequence

scholarly journals Packed malware variants detection using deep belief networks

2020 ◽  
Vol 309 ◽  
pp. 02002 ◽  
Author(s):  
Zhigang Zhang ◽  
Chaowen Chang ◽  
Peisheng Han ◽  
Hongtao Zhang
Keyword(s):  
Information Gain ◽  
Malware Detection ◽  
Normal System ◽  
Detection Accuracy ◽  
System Call ◽  
Security Threats ◽  
Malware Analysis ◽  
Deep Belief Networks ◽  
Detection Model ◽  
Detection Technology

Malware is one of the most serious network security threats. To detect unknown variants of malware, many researches have proposed various methods of malware detection based on machine learning in recent years. However, modern malware is often protected by software packers, obfuscation, and other technologies, which bring challenges to malware analysis and detection. In this paper, we propose a system call based malware detection technology. By comparing malware and benign software in a sandbox environment, a sensitive system call context is extracted based on information gain, which reduces obfuscation caused by a normal system call. By using the deep belief network, we train a malware detection model with sensitive system call context to improve the detection accuracy.

An Opcode-Based Malware Detection Model Using Supervised Learning Algorithms

2021 ◽  
Vol 15 (4) ◽  
pp. 18-30
Author(s):  
Om Prakash Samantray ◽  
Satya Narayan Tripathy
Keyword(s):  
Supervised Learning ◽  
Learning Algorithms ◽  
Malware Detection ◽  
Support Vector ◽  
Detection Accuracy ◽  
Detection Techniques ◽  
Detection Model ◽  
Proposed Model ◽  
Tree Classifier ◽  
Supervised Learning Algorithms

There are several malware detection techniques available that are based on a signature-based approach. This approach can detect known malware very effectively but sometimes may fail to detect unknown or zero-day attacks. In this article, the authors have proposed a malware detection model that uses operation codes of malicious and benign executables as the feature. The proposed model uses opcode extract and count (OPEC) algorithm to prepare the opcode feature vector for the experiment. Most relevant features are selected using extra tree classifier feature selection technique and then passed through several supervised learning algorithms like support vector machine, naive bayes, decision tree, random forest, logistic regression, and k-nearest neighbour to build classification models for malware detection. The proposed model has achieved a detection accuracy of 98.7%, which makes this model better than many of the similar works discussed in the literature.

scholarly journals Automatic Benchmark Generation Framework for Malware Detection

2018 ◽  
Vol 2018 ◽  
pp. 1-8 ◽  
Author(s):  
Guanghui Liang ◽  
Jianmin Pang ◽  
Zheng Shan ◽  
Runqing Yang ◽  
Yihang Chen
Keyword(s):  
Initial Data ◽  
Malware Detection ◽  
Detection Methods ◽  
Small Data ◽  
Security Threats ◽  
Improved Genetic Algorithm ◽  
Data Set ◽  
Detection Model ◽  
Manual Selection ◽  
Selection Of

To address emerging security threats, various malware detection methods have been proposed every year. Therefore, a small but representative set of malware samples are usually needed for detection model, especially for machine-learning-based malware detection models. However, current manual selection of representative samples from large unknown file collection is labor intensive and not scalable. In this paper, we firstly propose a framework that can automatically generate a small data set for malware detection. With this framework, we extract behavior features from a large initial data set and then use a hierarchical clustering technique to identify different types of malware. An improved genetic algorithm based on roulette wheel sampling is implemented to generate final test data set. The final data set is only one-eighteenth the volume of the initial data set, and evaluations show that the data set selected by the proposed framework is much smaller than the original one but does not lose nearly any semantics.

Research on Dynamic Intrusion Detection Model Based on Risk Coefficient

2010 ◽  
Vol 129-131 ◽  
pp. 124-127 ◽  
Author(s):  
Zheng Wei ◽  
Jun Yi Hou ◽  
Hua Tan ◽  
Guang Nan Guo
Keyword(s):  
Intrusion Detection ◽  
Detection Method ◽  
System Call ◽  
Security Technology ◽  
Detection Model ◽  
Risk Coefficient ◽  
Detection Technology ◽  
System Risk ◽  
Effectiveness And Efficiency ◽  
Definition Of

Intrusion detection technology is a kind of network security technology that can protect system from attacks. Based on the definition of system call risk coefficient, the paper brought out a system risk coefficient based dynamic intrusion detection model. Using the model, the drawbacks of traditional intrusion detection method based on system call was solved, which speeds up detection process and decreased false rate and error rate. It can also effectively identify error operations or users. The experiment result also proves the effectiveness and efficiency of the method.

Sign in / Sign up

Export Citation Format

Share Document