Imaging and evaluating the memory access for malware

Yücel, Çağatay; Koltuksuz, Ahmet

doi:10.1016/j.fsidi.2019.200903

Cited by 16 publications

(8 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…6 exhibits dynamic malware classifier's accuracy. The authors in [4], [104],and [17] some researchers have reached more than 99 % accuracy. The authors [116] generated the highest precision of 99.…”

Section: Hybrid Malware Detectionmentioning

confidence: 97%

See 1 more Smart Citation

A Comprehensive Study for Malware Detection through Machine Learning in Executable Files

Ahmad

2024

IJECI

View full text Add to dashboard Cite

Two methods are frequently used to analyze malware and start specimens: static analysis and dynamic analysis. Following analysis, distinct characteristics are retrieved to distinguish malware from benign samples. The detection capacity of malware is contingent upon the effectiveness with which discriminative malware characteristics are retrieved through analysis methods. While conventional approaches and techniques were used inadvertently, machine learning algorithms are now utilized to classify malware, which can deal with the complexity and velocity of malware creation. However, even though a few research papers have been published, recent classifications of signature, behavioral and hybrid machine learning is not introduced well. Based on this demand, we provide a comprehensive analysis of malware detection using machine learning, as well as address the different difficulties associated with building the malware classifier. Finally, future work is addressed to build an effective malware detection system by addressing different malware detection problems.

show abstract

Section: Hybrid Malware Detectionmentioning

confidence: 97%

“…This technique has a 99% accuracy rate in terms of malware identification. Yucel et al presented a techniques for creating executable memory file images [104]. A total of 123 malware samples from various families were collected.…”

Section: Behavior-based Malware Detectionmentioning

confidence: 99%

A Comprehensive Study for Malware Detection through Machine Learning in Executable Files

Ahmad

2024

IJECI

View full text Add to dashboard Cite

show abstract

“…Memory forensic analysis can be done for various purposes such as cyber crime investigation, malware analysis, information security incident response, digital forensics, etc. [31]. The keylogging procedure on the target starts with this command.…”

Section: Figure 10 Hard Drive Storage Investigation F) Memory Forensicmentioning

confidence: 99%

Enhancing Cybersecurity Through Live Forensic Investigation of Remote Access Trojan Attacks using FTK Imager Software

Ritzkal,

Hendrawan,

Kurniawan

et al. 2024

IJSSE

View full text Add to dashboard Cite

This study discusses using FTK Imager software for live forensic investigations in order to track and analyze Remote Access Trojan assaults. In addition to helping organizations safeguard their assets and data against harmful cyberattacks, our research aims to improve computer system security. The knowledge of the presence of the Remote Access Trojan virus, notwithstanding its removal, is the advantage of this research. Installation of Kali Linux, forensic analysis using FTK Imager, and the development and usage of viruses are all part of this study methodology. The process included installing Kali Linux as a platform for the creation and execution of viruses, identifying and analyzing the presence of viruses using FTK Imager, and identifying and analyzing Remote Access Trojan attacks using disk and memory forensic analysis techniques. The research findings indicate that as soon as the target opens the generated virus, the executor gains complete access to the target machine. This allows the executor to follow the target around and record everything it does. As a forensic investigation tool, FTK Imager must be installed on the target in order to detect the virus that the executor developed. The target will thus find it simpler to use memory forensics or disk forensics to look for files created by the executor. describes how to use FTK Imager software to observe and analyze Remote Access Trojan assaults for use in real-world forensic investigations.

show abstract

“…The detection accuracy of the method reached 99.3%. In some recent studies, researchers have turned their attention to in-memory; Yucel et al [17] proposed a technique based on an in-memory image of an executable file, they used a virtual machine to execute a malware sample and created a 3D image of the memory, using the similarity calculation between 3D images and known malware to detect malware. In addition, there are some studies on exploiting the network traffic of malware [18,19] for detection.…”

Section: Related Workmentioning

confidence: 99%

Classification of Malware Families Based on Efficient-Net and 1D-CNN Fusion

et al. 2022

View full text Add to dashboard Cite

A malware family classification method based on Efficient-Net and 1D-CNN fusion is proposed. Given the problem that some local information of malware itself as one-dimensional data will be lost when the malware is imaged, the malware is converted into an image and one-dimensional vector and then input into two neural networks. The network of two-dimensional convolution architecture is used to extract the texture features of malware, and the one-dimensional convolution is used to extract the features of local adjacent information, the deep characteristics of different networks are fused, and the two networks are modified at the same time during backpropagation. This method not only extracts the texture features of malware but also saves the features of the malware itself as one-dimensional data, which shows better performance for multiple datasets.

show abstract

Imaging and evaluating the memory access for malware

Cited by 16 publications

References 15 publications

A Comprehensive Study for Malware Detection through Machine Learning in Executable Files

A Comprehensive Study for Malware Detection through Machine Learning in Executable Files

Enhancing Cybersecurity Through Live Forensic Investigation of Remote Access Trojan Attacks using FTK Imager Software

Classification of Malware Families Based on Efficient-Net and 1D-CNN Fusion

Contact Info

Product

Resources

About