A survey on run-time packers and mitigation techniques

Alkhateeb, Ehab; Ghorbani, Ali; Habibi Lashkari, Arash

doi:10.1007/s10207-023-00759-y

Cited by 2 publications

(3 citation statements)

References 72 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In Figure 7, we utilized the dataset as described in [46], sourced from two distinct origins. The first source consisted of online/benign samples, totaling 2162 samples, representing applications downloaded from the Softpedia website and then manually packed.…”

Section: Dataset Preparationmentioning

confidence: 99%

“…Refer to Table 3 for a detailed breakdown of each benign category and the corresponding sample counts. Additionally, Table 4 showcases the packed samples, focusing on the most popular packers used by malware authors, as reported in [46]. The malware samples used in this experiment were classed based on the packer's family using two signature-based detection repositories.…”

Section: Benign Samplesmentioning

confidence: 99%

“…Figure 7. Dataset construction[46]. This intricate process involves meticulous steps such as data gathering, cleaning, and augmentation, ensuring a diverse and representative collection of samples.…”

mentioning

confidence: 99%

See 2 more Smart Citations

Identifying Malware Packers through Multilayer Feature Engineering in Static Analysis

Alkhateeb,

Ghorbani,

Habibi Lashkari

2024

Information

Self Cite

View full text Add to dashboard Cite

This research addresses a critical need in the ongoing battle against malware, particularly in the form of obfuscated malware, which presents a formidable challenge in the realm of cybersecurity. Developing effective antivirus (AV) solutions capable of combating packed malware remains a crucial endeavor. Packed malicious programs employ encryption and advanced techniques to obfuscate their payloads, rendering them elusive to AV scanners and security analysts. The introduced research presents an innovative malware packer classifier specifically designed to adeptly identify packer families and detect unknown packers in real-world scenarios. To fortify packer identification performance, we have curated a meticulously crafted dataset comprising precisely packed samples, enabling comprehensive training and validation. Our approach employs a sophisticated feature engineering methodology, encompassing multiple layers of analysis to extract salient features used as input to the classifier. The proposed packer identifier demonstrates remarkable accuracy in distinguishing between known and unknown packers, while also ensuring operational efficiency. The results reveal an impressive accuracy rate of 99.60% in identifying known packers and 91% accuracy in detecting unknown packers. This novel research not only significantly advances the field of malware detection but also equips both cybersecurity practitioners and AV engines with a robust tool to effectively counter the persistent threat of packed malware.

show abstract

Section: Dataset Preparationmentioning

confidence: 99%

Section: Benign Samplesmentioning

confidence: 99%