2019 2nd International Conference on Computer Applications & Information Security (ICCAIS) 2019
DOI: 10.1109/cais.2019.8769564
A Review Paper of Malware Detection Using API Call Sequences

Cited by 7 publications (5 citation statements). References 13 publications.
“…With the development of machine learning, it has been observed that these techniques are being used in the field of malware analysis. To use API calls as the feature vector is one of the first usages of machine learning algorithms for malicious software analysis (Mira, 2019). N-grams are other commonly used methods for the quantification of API calls.…”
Section: Introduction; citation type: mentioning; confidence: 99%
“…This study conducted a comprehensive review of the approaches for detecting malware only based on sample operation codes (OpCodes) and drew useful insights towards them. As mentioned earlier, this study focused on the malware OpCodes features and dropped the other malware features like API system calls features such as in [5][38][39][40][70] and text features such as in [38][39][40][71][72] due to their limitations, since the former could be decoyed when the evader uses his own developed OpCodes instructions written from the ground up instead of using the formal API system calls. As well, it dropped the latter because of the garbage text that could be injected into the malware, which evades detection, too.…”
Section: Recommendations and Future Directions; citation type: mentioning; confidence: 99%
“…Among the widely used malware feature datasets, such as API system calls features, registry activities features, file activities features, process activities features, network activities features, operation codes (OpCodes) features, and text features, this study selected operation codes (OpCodes) features. The study chose operation codes (OpCodes) features because the review of the approaches for detecting malware only based on sample OpCodes has not been addressed before, OpCodes features are immune against decoying unlike API system calls and text features [38], [39], [40], and shared in the next significant contributions: 1. To the best of our knowledge, this study has made the first attempt to provide a comparison of the approaches for detecting malware only based on sample OpCodes.…”
Section: Introduction; citation type: mentioning; confidence: 99%
“…As the proportion of programs expanded to 64-bit increases, additional defense techniques are also required. A study to block malicious DLL execution was also presented: Syed et al (2015) proposed a technique to block malicious DLLs loaded in memory by detecting Windows API hooking [13]; Mira (2019) proposed a method to detect abnormal activity by analyzing DLL data and monitoring the sequence of API calls to block the inflow of malicious DLLs [14]. However, as proposed by Shankarapani et al (2011) [15], Yusirwan et al (2015) [16], and Bae et al (2019) [17], who presented the technical method to conceal and obfuscate the malware execution routine, in these cases of deliberately packed advanced malware, these malicious codes have limitations in lowering the success rate of not only API trend-based detection techniques but also code data-based detection techniques.…”
Section: Related Work; citation type: mentioning; confidence: 99%