Malware detection based on hybrid signature behavior application programming interface call graph
Problem statement: A malware is a program that has malicious intent. Nowadays, malware authors apply several sophisticated techniques such as packing and obfuscation to avoid malware detection. That makes zero-day attacks and false positives the most challenging problems in the malware detection fie...
Saved in:
Main Authors: | , , |
---|---|
Format: | Article |
Published: |
Science Publications
2012
|
Subjects: | |
Online Access: | http://eprints.utm.my/id/eprint/47170/ http://dx.doi.org/10.3844/ajassp.2012.283.288 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Universiti Teknologi Malaysia |
id |
my.utm.47170 |
---|---|
record_format |
eprints |
spelling |
my.utm.471702019-03-31T08:34:33Z http://eprints.utm.my/id/eprint/47170/ Malware detection based on hybrid signature behavior application programming interface call graph Elhadi, Ammar Ahmed E. Maarof, Mohd Aizaini Osman, Ahmed Hamza Q Science Problem statement: A malware is a program that has malicious intent. Nowadays, malware authors apply several sophisticated techniques such as packing and obfuscation to avoid malware detection. That makes zero-day attacks and false positives the most challenging problems in the malware detection field. Approach: In this study, the static and dynamic analysis techniques that are used in malware detection are surveyed. Static analysis techniques, dynamic analysis techniques and their combination including Signature-Based and Behaviour-Based techniques are discussed. Results: In addition, a new malware detection framework is proposed. Conclusion: The proposed framework combines Signature-Based with Behaviour-Based using API graph system. The goal of the proposed framework is to improve accuracy and scan process time for malware detection. Science Publications 2012 Article PeerReviewed Elhadi, Ammar Ahmed E. and Maarof, Mohd Aizaini and Osman, Ahmed Hamza (2012) Malware detection based on hybrid signature behavior application programming interface call graph. American Journal Of Applied Sciences, 9 (3). pp. 283-288. ISSN 1546-9239 http://dx.doi.org/10.3844/ajassp.2012.283.288 DOI:10.3844/ajassp.2012.283.288 |
institution |
Universiti Teknologi Malaysia |
building |
UTM Library |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
Universiti Teknologi Malaysia |
content_source |
UTM Institutional Repository |
url_provider |
http://eprints.utm.my/ |
topic |
Q Science |
spellingShingle |
Q Science Elhadi, Ammar Ahmed E. Maarof, Mohd Aizaini Osman, Ahmed Hamza Malware detection based on hybrid signature behavior application programming interface call graph |
description |
Problem statement: A malware is a program that has malicious intent. Nowadays, malware authors apply several sophisticated techniques such as packing and obfuscation to avoid malware detection. That makes zero-day attacks and false positives the most challenging problems in the malware detection field. Approach: In this study, the static and dynamic analysis techniques that are used in malware detection are surveyed. Static analysis techniques, dynamic analysis techniques and their combination including Signature-Based and Behaviour-Based techniques are discussed. Results: In addition, a new malware detection framework is proposed. Conclusion: The proposed framework combines Signature-Based with Behaviour-Based using API graph system. The goal of the proposed framework is to improve accuracy and scan process time for malware detection. |
format |
Article |
author |
Elhadi, Ammar Ahmed E. Maarof, Mohd Aizaini Osman, Ahmed Hamza |
author_facet |
Elhadi, Ammar Ahmed E. Maarof, Mohd Aizaini Osman, Ahmed Hamza |
author_sort |
Elhadi, Ammar Ahmed E. |
title |
Malware detection based on hybrid signature behavior application programming interface call graph |
title_short |
Malware detection based on hybrid signature behavior application programming interface call graph |
title_full |
Malware detection based on hybrid signature behavior application programming interface call graph |
title_fullStr |
Malware detection based on hybrid signature behavior application programming interface call graph |
title_full_unstemmed |
Malware detection based on hybrid signature behavior application programming interface call graph |
title_sort |
malware detection based on hybrid signature behavior application programming interface call graph |
publisher |
Science Publications |
publishDate |
2012 |
url |
http://eprints.utm.my/id/eprint/47170/ http://dx.doi.org/10.3844/ajassp.2012.283.288 |
_version_ |
1643652249568673792 |