2015
DOI: 10.1155/2015/659101

A Novel Approach to Detect Malware Based on API Call Sequence Analysis

Abstract: In the era of ubiquitous sensors and smart devices, detecting malware is becoming an endless battle between ever-evolving malware and antivirus programs that need to process ever-increasing security related data. For malware detection, various approaches have been proposed. Among them, dynamic analysis is known to be effective in terms of providing behavioral information. As malware authors increasingly use obfuscation techniques, it becomes more important to monitor how malware behaves for its detection. In t…

Cited by 190 publications (100 citation statements)
References 27 publications
“…Here, they follow a reverse engineering approach to detect the malware. Many researchers used API call sequences to analyze behavior of portable executable (PE) code [10,8]. Most of these techniques fail due to use of obfuscation techniques for development of malware.…”
Section: Related Work (mentioning)
confidence: 99%
“…For an unknown sample, its profile is compared to a known profile for finding its similarity and predict family of malware sample. Dynamic techniques involve generation of a profile of malware samples either by analyzing control flows or API calls [10]. Both of these profile generation approaches involve finding the similarity of test samples with an existing profile.…”
Section: Related Work (mentioning)
confidence: 99%
“…Detours, originally provided by Microsoft as a library, is very popular and used in various different projects such as Ref. [29]. the execution sequence of a Detours setup.…”
Section: Inline Function Patching (mentioning)
confidence: 99%
“…In [9] to capture the common API sequence among different malware categories, the longest common sequence (LCS) algorithm is used. The captured sequences are treated as the signature.…”
Section: Introduction (mentioning)
confidence: 99%