2019
DOI: 10.1007/978-981-15-1304-6_29

Nowhere Metamorphic Malware Can Hide - A Biological Evolution Inspired Detection Scheme

Abstract: The ability to detect metamorphic malware has generated significant research interest over recent years, particularly given its proliferation on mobile devices. Such malware is particularly hard to detect via signature-based intrusion detection systems due to its ability to change its code over time. This article describes a novel framework which generates sets of potential mutants and then uses them as training data to inform the development of improved detection methods (either in two separate phases or in a…

Cited by 5 publications (25 citation statements)
References 30 publications
“…Here, we focus on a two-phase approach to training better malware detectors: in the first phase, an EA is used to evolve a diverse set of mutants that are both malicious and evasive. This was described in previous work [3], [4]. The second-phase is proposed in this paper, in which the evolved data is shown to be beneficial in training improved ML detection models.…”
Section: Related Work (mentioning)
confidence: 86%
“…This section briefly discusses the algorithms employed in the generation of the training samples, which have been documented in [3], [4]. Then, the data-collection and pre-processing steps taken to obtain both normal and malware samples are described.…”
Section: Methods (mentioning)
confidence: 99%