Path: Top -> Journal -> Telkomnika -> 2016 -> Vol 14, No 3: September
Metamorphic Malware Detection Based on Support Vector Machine Classification of Malware Sub-Signatures
Metamorphic Malware Detection Based on Support Vector Machine Classification of Malware Sub-Signatures
Journal from gdlhub / 2016-11-09 03:56:52Oleh : Ban Mohammed Khammas, Alireza Monemi, Ismahani Ismail, Sulaiman Mohd Nor, M.N. Marsono, Telkomnika
Dibuat : 2016-09-01, dengan 1 file
Keyword : SVM classification, Metamorphic, n-gram, Snort
Url : http://journal.uad.ac.id/index.php/TELKOMNIKA/article/view/3850
Achieving accurate and efficient metamorphic malware detection remains a challenge. Metamorphic malware is able to mutate and alter its code structure in each infection, with some vital functionality and codesegment remain unchanged. We exploit these unchanged features for detecting metamorphic malware detection using Support Vector Machine(SVM) classifier. n-gram features are extracted directly from sample malware binaries to avoid disassembly, which are then masked with the extracted Snort signature n-grams. These masked features reduce considerably the number of selected n-gram features. Our method is capable to accurately detect metamorphic malware with ~99 % accuracy and low false positive rate. The proposed method is also superior than commercially available anti-viruses in detecting metamorphic
Deskripsi Alternatif :Achieving accurate and efficient metamorphic malware detection remains a challenge. Metamorphic malware is able to mutate and alter its code structure in each infection, with some vital functionality and codesegment remain unchanged. We exploit these unchanged features for detecting metamorphic malware detection using Support Vector Machine(SVM) classifier. n-gram features are extracted directly from sample malware binaries to avoid disassembly, which are then masked with the extracted Snort signature n-grams. These masked features reduce considerably the number of selected n-gram features. Our method is capable to accurately detect metamorphic malware with ~99 % accuracy and low false positive rate. The proposed method is also superior than commercially available anti-viruses in detecting metamorphic
Beri Komentar ?#(0) | Bookmark
Properti | Nilai Properti |
---|---|
ID Publisher | gdlhub |
Organisasi | Telkomnika |
Nama Kontak | Herti Yani, S.Kom |
Alamat | Jln. Jenderal Sudirman |
Kota | Jambi |
Daerah | Jambi |
Negara | Indonesia |
Telepon | 0741-35095 |
Fax | 0741-35093 |
E-mail Administrator | elibrarystikom@gmail.com |
E-mail CKO | elibrarystikom@gmail.com |
Print ...
Kontributor...
- , Editor: sukadi
Download...
Download hanya untuk member.
3850-9999-1-PB
File : 3850-9999-1-PB.pdf
(414608 bytes)