Structural Feature Engineering approach for detecting polymorphic malware

Abstract
Currently, malware is distributed in polymorphic form. It is very smart and obfuscated. This serves to make detection harder or simply impossible. Researchers have mainly resorted to static analysis, dynamic analysis, or a combination of both in attempting to find advanced solutions to the polymorphic malware detection problem. This paper presents a novel, simple feature engineering approach to extracting, analyzing and processing static-based features for efficient detection of polymorphic malware. The K-NN algorithm is used to build the detection model. Our experiments achieve a detection accuracy of 98.7% with a 0.014% False Positive Rate (FPR) on a relatively small dataset.
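The abstract describes the pipeline only at a high level: static structural features are extracted, scaled, and fed to a K-NN classifier, which is then scored by accuracy and False Positive Rate. The block below is an added illustration written for this page; it is not the authors' code and does not reproduce their feature set or dataset. The four feature columns, the sample vectors, and the labels are all constructed, and the one "packed benign" test sample is included deliberately so that the FPR calculation has something to count.

```python
from collections import Counter
from math import sqrt

# Constructed sample data (not from the paper). Each feature vector holds four
# static structural attributes of the kind a PE parser could extract:
#   [section count, entropy of the largest section (bits/byte),
#    number of imported functions, fraction of sections that are writable+executable]
# Label 1 = malicious, 0 = benign.
TRAIN = [
    ([4, 4.8, 150, 0.0], 0),
    ([5, 5.1, 200, 0.0], 0),
    ([3, 4.5, 90, 0.0], 0),
    ([6, 5.3, 240, 0.0], 0),
    ([2, 7.6, 10, 0.5], 1),
    ([1, 7.9, 5, 1.0], 1),
    ([3, 7.4, 15, 0.33], 1),
    ([2, 7.8, 8, 0.5], 1),
]
TEST = [
    ([4, 4.9, 160, 0.0], 0),
    ([2, 7.7, 9, 0.5], 1),
    ([5, 5.0, 180, 0.0], 0),
    ([1, 7.8, 6, 1.0], 1),
    # Constructed "packed benign" sample: high entropy and few imports, so it
    # sits next to the malicious cluster and becomes a false positive.
    ([3, 7.5, 12, 0.0], 0),
]


def fit_scaler(rows):
    """Per-feature minimum and range, computed from the training rows only."""
    n = len(rows[0])
    mins = [min(r[i] for r in rows) for i in range(n)]
    maxs = [max(r[i] for r in rows) for i in range(n)]
    ranges = [(mx - mn) or 1.0 for mn, mx in zip(mins, maxs)]
    return mins, ranges


def scale(x, scaler):
    """Min-max scaling so the import count does not dominate the distance."""
    mins, ranges = scaler
    return [(v - mn) / rg for v, mn, rg in zip(x, mins, ranges)]


def euclidean(a, b):
    return sqrt(sum((u - v) ** 2 for u, v in zip(a, b)))


def knn_predict(train_scaled, x_scaled, k=3):
    """Majority vote over the k nearest scaled training vectors."""
    neighbours = sorted(train_scaled, key=lambda row: euclidean(row[0], x_scaled))[:k]
    votes = Counter(label for _, label in neighbours)
    return votes.most_common(1)[0][0]


def evaluate(train, test, k=3):
    """Return the confusion counts plus accuracy and FPR = FP / (FP + TN)."""
    scaler = fit_scaler([x for x, _ in train])   # fit on training data only
    train_scaled = [(scale(x, scaler), y) for x, y in train]
    tp = tn = fp = fn = 0
    for x, y in test:
        pred = knn_predict(train_scaled, scale(x, scaler), k)
        if pred == 1 and y == 1:
            tp += 1
        elif pred == 0 and y == 0:
            tn += 1
        elif pred == 1 and y == 0:
            fp += 1
        else:
            fn += 1
    accuracy = (tp + tn) / len(test)
    fpr = fp / (fp + tn) if (fp + tn) else 0.0
    return {"tp": tp, "tn": tn, "fp": fp, "fn": fn,
            "accuracy": accuracy, "fpr": fpr}


if __name__ == "__main__":
    print(evaluate(TRAIN, TEST))
```

On the constructed data the classifier gets four of five test samples right; the packed benign file is the single false positive, giving an FPR of one in three benign samples. The scaler is fitted on the training rows alone so that test-set statistics never leak into the model, which is the same discipline a real evaluation of a static-feature detector needs before quoting an FPR figure.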
Keywords
Polymorphic malware, Static analysis, Machine learning
Citation
Masabo, E., Kaawaase, K. S., Sansa-Otim, J., & Hanyurwimfura, D. (2017, November). Structural Feature Engineering approach for detecting polymorphic malware. In 2017 IEEE 15th Intl Conf on Dependable, Autonomic and Secure Computing, 15th Intl Conf on Pervasive Intelligence and Computing, 3rd Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress (DASC/PiCom/DataCom/CyberSciTech) (pp. 716-721). IEEE.