Malware detection based on hybrid signature behavior application programming interface call graph

Problem statement: A malware is a program that has malicious intent. Nowadays, malware authors apply several sophisticated techniques such as packing and obfuscation to avoid malware detection. That makes zero-day attacks and false positives the most challenging problems in the malware detection fie...

Full description

Saved in:
Bibliographic Details
Main Authors: Elhadi, Ammar Ahmed E., Maarof, Mohd Aizaini, Osman, Ahmed Hamza
Format: Article
Published: Science Publications 2012
Subjects:
Online Access:http://eprints.utm.my/id/eprint/47170/
http://dx.doi.org/10.3844/ajassp.2012.283.288
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Universiti Teknologi Malaysia
id my.utm.47170
record_format eprints
spelling my.utm.471702019-03-31T08:34:33Z http://eprints.utm.my/id/eprint/47170/ Malware detection based on hybrid signature behavior application programming interface call graph Elhadi, Ammar Ahmed E. Maarof, Mohd Aizaini Osman, Ahmed Hamza Q Science Problem statement: A malware is a program that has malicious intent. Nowadays, malware authors apply several sophisticated techniques such as packing and obfuscation to avoid malware detection. That makes zero-day attacks and false positives the most challenging problems in the malware detection field. Approach: In this study, the static and dynamic analysis techniques that are used in malware detection are surveyed. Static analysis techniques, dynamic analysis techniques and their combination including Signature-Based and Behaviour-Based techniques are discussed. Results: In addition, a new malware detection framework is proposed. Conclusion: The proposed framework combines Signature-Based with Behaviour-Based using API graph system. The goal of the proposed framework is to improve accuracy and scan process time for malware detection. Science Publications 2012 Article PeerReviewed Elhadi, Ammar Ahmed E. and Maarof, Mohd Aizaini and Osman, Ahmed Hamza (2012) Malware detection based on hybrid signature behavior application programming interface call graph. American Journal Of Applied Sciences, 9 (3). pp. 283-288. ISSN 1546-9239 http://dx.doi.org/10.3844/ajassp.2012.283.288 DOI:10.3844/ajassp.2012.283.288
institution Universiti Teknologi Malaysia
building UTM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Teknologi Malaysia
content_source UTM Institutional Repository
url_provider http://eprints.utm.my/
topic Q Science
spellingShingle Q Science
Elhadi, Ammar Ahmed E.
Maarof, Mohd Aizaini
Osman, Ahmed Hamza
Malware detection based on hybrid signature behavior application programming interface call graph
description Problem statement: A malware is a program that has malicious intent. Nowadays, malware authors apply several sophisticated techniques such as packing and obfuscation to avoid malware detection. That makes zero-day attacks and false positives the most challenging problems in the malware detection field. Approach: In this study, the static and dynamic analysis techniques that are used in malware detection are surveyed. Static analysis techniques, dynamic analysis techniques and their combination including Signature-Based and Behaviour-Based techniques are discussed. Results: In addition, a new malware detection framework is proposed. Conclusion: The proposed framework combines Signature-Based with Behaviour-Based using API graph system. The goal of the proposed framework is to improve accuracy and scan process time for malware detection.
format Article
author Elhadi, Ammar Ahmed E.
Maarof, Mohd Aizaini
Osman, Ahmed Hamza
author_facet Elhadi, Ammar Ahmed E.
Maarof, Mohd Aizaini
Osman, Ahmed Hamza
author_sort Elhadi, Ammar Ahmed E.
title Malware detection based on hybrid signature behavior application programming interface call graph
title_short Malware detection based on hybrid signature behavior application programming interface call graph
title_full Malware detection based on hybrid signature behavior application programming interface call graph
title_fullStr Malware detection based on hybrid signature behavior application programming interface call graph
title_full_unstemmed Malware detection based on hybrid signature behavior application programming interface call graph
title_sort malware detection based on hybrid signature behavior application programming interface call graph
publisher Science Publications
publishDate 2012
url http://eprints.utm.my/id/eprint/47170/
http://dx.doi.org/10.3844/ajassp.2012.283.288
_version_ 1643652249568673792