Support Vector Machines and Metamorphic Malware Detection

Singh, Tanuvir

doi:10.31979/etd.43jb-raq4

Cited by 2 publications

(3 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [49], Hidden Markov Models are used to effectively classify metamorphic malware, based on extracted opcode sequences. A similar analysis involving Profile Hidden Markov Models is considered in [4], while Principal Component Analysis is used in [26] and [16], and Support Vector Machines are used for malware detection in [40]. The paper [3] employs clustering, based on features derived from static analysis, for malware classification.…”

Section: Static Analysismentioning

confidence: 99%

“…A wide array of advanced detection techniques have been considered in the literature. Some detection techniques rely only on static analysis [3,4,6,11,15,16,26,38,39,40,42], that is, features that can be obtained without executing the software. In addition, dynamic analysis has been successfully applied to the malware detection problem [1,2,12,19,21,27,30,31,32,33,50].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Comparison of Static, Dynamic, and Hybrid Analysis for Malware Detection

Damodaran,

Di Troia,

Corrado

et al. 2022

Preprint

View full text Add to dashboard Cite

In this research, we compare malware detection techniques based on static, dynamic, and hybrid analysis. Specifically, we train Hidden Markov Models (HMMs ) on both static and dynamic feature sets and compare the resulting detection rates over a substantial number of malware families. We also consider hybrid cases, where dynamic analysis is used in the training phase, with static techniques used in the detection phase, and vice versa. In our experiments, a fully dynamic approach generally yields the best detection rates. We discuss the implications of this research for malware detection based on hybrid techniques.

show abstract

Section: Static Analysismentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

A Comparison of Static, Dynamic, and Hybrid Analysis for Malware Detection

Damodaran,

Di Troia,

Corrado

et al. 2022

Preprint

View full text Add to dashboard Cite

show abstract

“…Their work was improved upon by the use of n-grams of byte codes as features of the classifier [10]. The researcher in [11] utilized opcode sequence with support vector machine algorithm to identify malicious executables. The Application Programming Interface (API) sequence in the code was used in detecting malware and proved to be effective and faster as compared to assembly analysis [12].…”

Section: A Static Analysis Techniquementioning

confidence: 99%

MSIC: Malware Spectrogram Image Classification

Azab

Khasawneh

2020

IEEE Access

View full text Add to dashboard Cite

The heavy reliance on digital technology, by individuals and organizations, has reshaped the traditional economy into a digital economy. In response, cybercriminals' attention has shifted dramatically from showing off skills and conducting individual attacks into high sophisticated attacks with financial gain as the goal. This, inevitably, poses a challenge to the cybersecurity community as they strive to find solutions to preserve the confidentiality, availability and integrity of the individual users' and corporates' private data and services. Cybercriminals mainly deploy malware to achieve their goals, which could be in the form of ransomware, botnets, etc. The use of encryption, packing and polymorphism techniques makes it harder to detect the malware files, especially when these are created in great numbers every day. In this paper, a novel framework, named Malware Spectrogram Image Classification (MSIC), is proposed. It employs spectrogram images in conjunction with the convolution neural network to classify a malware file to its corresponding family and to differentiate it from a benign file. Further, this research shares with the research community two privately collected labeled malicious and benign datasets. The evaluation of MSIC showed its effectiveness to be 91.6% F-measure and 92.8% accuracy in classifying malware files to their corresponding families, in comparison to, respectively, 90.6% and 92.3% results produced by the grayscale image classification approach. Likewise, in classifying files as malicious or benign, MSIC scored 96% F-measure and accuracy results compared to 95.5% with the grayscale solution. Also, MSIC required less computational time in converting and resizing the files than the grayscale framework.

show abstract

Support Vector Machines and Metamorphic Malware Detection

Cited by 2 publications

References 23 publications

A Comparison of Static, Dynamic, and Hybrid Analysis for Malware Detection

A Comparison of Static, Dynamic, and Hybrid Analysis for Malware Detection

MSIC: Malware Spectrogram Image Classification

Contact Info

Product

Resources

About