Malware examiner using disassembled code (MEDiC)

Sulaiman, Anthonius; Ramamoorthy, K.; Mukkamala, Srinivas; Sung, Andrew H.

doi:10.1109/iaw.2005.1495985

Cited by 6 publications

(5 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this approach, the code is put under observation and approximate runtime behavior/pattern is predicted to detect the malware. In the static approach, many detection mechanisms are proposed such as annotated context-free graph [125], disassembled code [126], portable executable binary code [127] and honeypots [128]. Using this technique dynamic analysis of the malware is difficult to conceal.…”

Section: Malware Detectionmentioning

confidence: 99%

Applications in Security and Evasions in Machine Learning: A Survey

2020

View full text Add to dashboard Cite

In recent years, machine learning (ML) has become an important part to yield security and privacy in various applications. ML is used to address serious issues such as real-time attack detection, data leakage vulnerability assessments and many more. ML extensively supports the demanding requirements of the current scenario of security and privacy across a range of areas such as real-time decision-making, big data processing, reduced cycle time for learning, cost-efficiency and error-free processing. Therefore, in this paper, we review the state of the art approaches where ML is applicable more effectively to fulfill current real-world requirements in security. We examine different security applications’ perspectives where ML models play an essential role and compare, with different possible dimensions, their accuracy results. By analyzing ML algorithms in security application it provides a blueprint for an interdisciplinary research area. Even with the use of current sophisticated technology and tools, attackers can evade the ML models by committing adversarial attacks. Therefore, requirements rise to assess the vulnerability in the ML models to cope up with the adversarial attacks at the time of development. Accordingly, as a supplement to this point, we also analyze the different types of adversarial attacks on the ML models. To give proper visualization of security properties, we have represented the threat model and defense strategies against adversarial attack methods. Moreover, we illustrate the adversarial attacks based on the attackers’ knowledge about the model and addressed the point of the model at which possible attacks may be committed. Finally, we also investigate different types of properties of the adversarial attacks.

show abstract

Section: Malware Detectionmentioning

confidence: 99%

Applications in Security and Evasions in Machine Learning: A Survey

2020

View full text Add to dashboard Cite

show abstract

“…Considering structural information only, however, can cause high false positives and false negatives. 3 Our method follows the same research direction of [28] and [8], but our approach not only considers structural information of malware, but the functionalities of basic blocks are also considered as well, which is a more fine-grained approach.…”

Section: Motivationmentioning

confidence: 99%

A New Approach to Malware Detection

Tang¹,

Zhu²,

Ren

2009

Advances in Information Security and Assurance

View full text Add to dashboard Cite

“…Generally, users come to know about the existence of a malware when malware starts to perform malicious activity in the system. The term ‘malware’ is created after merging two basic terms ‘malicious’ and ‘software’ . Today, there are various antivirus products, which are capable enough to detect and remove most of the malwares.…”

Section: Introductionmentioning

confidence: 99%

Metamorphic malware detection using base malware identification approach

Mahawer

Nagaraju

2013

Security Comm Networks

View full text Add to dashboard Cite

Malware is a malicious program that is intentionally developed to harm computer systems. Because the metamorphic malwares are advanced in nature, they mutate their code in each generation by employing code obfuscation techniques to thwart detection. Conventional scanners even fail to detect all variants of such malware. In the view of metamorphic malware detection, we have proposed the concept of machine learning approach like support vector machine with histogram intersection kernel. It has been successfully implemented in the area of image classification, bioinformatics (protein classification and cancer classification). This method provides more accuracy in terms of detection rate to build the effective detection system for metamorphic malwares. In the proposed method, we first extract feature histograms from each portable executable file and map them into the feature space using a histogram intersection kernel. The histogram intersection kernel helps us to find the optimal hyperplane for separating the metamorphic variants from benign programs in a feature space of very high dimension. The results show that our proposed method is capable of detecting metamorphic variants with few false alarms or misses.

show abstract

Malware examiner using disassembled code (MEDiC)

Cited by 6 publications

References 2 publications

Applications in Security and Evasions in Machine Learning: A Survey

Applications in Security and Evasions in Machine Learning: A Survey

A New Approach to Malware Detection

Metamorphic malware detection using base malware identification approach

Contact Info

Product

Resources

About