Integrated Feature Extraction Approach Towards Detection of Polymorphic Malware In Executable Files

Loading...
Thumbnail Image
Date
2016
Journal Title
Journal ISSN
Volume Title
Publisher
International Journal of Computer Science and Security (IJCSS
Abstract
Some malware are sophisticated with polymorphic techniques such as self-mutation and emulation based analysis evasion. Most anti-malware techniques are overwhelmed by the polymorphic malware threats that self-mutate with different variants at every attack. This research aims to contribute to the detection of malicious codes, especially polymorphic malware by utilizing advanced static and advanced dynamic analyses for extraction of more informative key features of a malware through code analysis, memory analysis and behavioral analysis. Correlation based feature selection algorithm will be used to transform features; i.e. filtering and selecting optimal and relevant features. A machine learning technique called K-Nearest Neighbor (K-NN) will be used for classification and detection of polymorphic malware. Evaluation of results will be based on the following measurement metrics—True Positive Rate (TPR), False Positive Rate (FPR) and the overall detection accuracy of experiments
Description
Keywords
Malware Detection, Static Analysis, Dynamic Analysis, Polymorphic Malware, Machine Learning
Citation
Masabo, E., Sansa-otim, J., & Hanyurwimfura, D. (2016). Integrated Feature Extraction Approach Towards Detection of Polymorphic Malware In Executable Files. International Journal of Computer Science and Security (IJCSS, 11(2), 25-33.