Similarity hash based scoring of portable executable files for efficient malware detection in IoT
| dc.contributor.author | Namanya, Anitta Patience | |
| dc.contributor.author | Awan, Irfan U. | |
| dc.contributor.author | Pagna Disso, Jules | |
| dc.contributor.author | Younas, Muhammad | |
| dc.date.accessioned | 2023-05-05T17:43:25Z | |
| dc.date.available | 2023-05-05T17:43:25Z | |
| dc.date.issued | 2020 | |
| dc.description.abstract | The current rise in malicious attacks shows that existing security systems are bypassed by malicious files. Similarity hashing has been adopted for sample triaging in malware analysis and detection. File similarity is used to cluster malware into families such that their common signature can be designed. This paper explores four hash types currently used in malware analysis for portable executable (PE) files. Although each hashing technique produces interesting results, when applied independently, they have high false detection rates. This paper investigates into a central issue of how different hashing techniques can be combined to provide a quantitative malware score and to achieve better detection rates. We design and develop a novel approach for malware scoring based on the hashes results. The proposed approach is evaluated through a number of experiments. Evaluation clearly demonstrates a significant improvement (> 90%) in true detection rates of malware. | en_US |
| dc.identifier.citation | Namanya, A. P., Awan, I. U., Disso, J. P., & Younas, M. (2020). Similarity hash based scoring of portable executable files for efficient malware detection in IoT. Future Generation Computer Systems, 110, 824-832. https://doi.org/10.1016/j.future.2019.04.044 | en_US |
| dc.identifier.uri | https://doi.org/10.1016/j.future.2019.04.044 | |
| dc.identifier.uri | https://nru.uncst.go.ug/handle/123456789/8639 | |
| dc.language.iso | en | en_US |
| dc.publisher | Future Generation Computer Systems | en_US |
| dc.subject | Malware | en_US |
| dc.subject | Static analysis | en_US |
| dc.subject | Detection | en_US |
| dc.subject | Hashes | en_US |
| dc.subject | Internet of things | en_US |
| dc.title | Similarity hash based scoring of portable executable files for efficient malware detection in IoT | en_US |
| dc.type | Article | en_US |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- Similarity hash based scoring of portable executable files for efficient.pdf
- Size:
- 2.05 MB
- Format:
- Adobe Portable Document Format
- Description:
- Article
License bundle
1 - 1 of 1
No Thumbnail Available
- Name:
- license.txt
- Size:
- 1.71 KB
- Format:
- Item-specific license agreed upon to submission
- Description: