Path: Top -> Journal -> Telkomnika -> 2016 -> Vol 14, No 3: September

Metamorphic Malware Detection Based on Support Vector Machine Classification of Malware Sub-Signatures

Metamorphic Malware Detection Based on Support Vector Machine Classification of Malware Sub-Signatures

Journal from gdlhub / 2016-11-09 03:56:52
Oleh : Ban Mohammed Khammas, Alireza Monemi, Ismahani Ismail, Sulaiman Mohd Nor, M.N. Marsono, Telkomnika
Dibuat : 2016-09-01, dengan 1 file

Keyword : SVM classification, Metamorphic, n-gram, Snort
Url : http://journal.uad.ac.id/index.php/TELKOMNIKA/article/view/3850

Achieving accurate and efficient metamorphic malware detection remains a challenge. Metamorphic malware is able to mutate and alter its code structure in each infection, with some vital functionality and codesegment remain unchanged. We exploit these unchanged features for detecting metamorphic malware detection using Support Vector Machine(SVM) classifier. n-gram features are extracted directly from sample malware binaries to avoid disassembly, which are then masked with the extracted Snort signature n-grams. These masked features reduce considerably the number of selected n-gram features. Our method is capable to accurately detect metamorphic malware with ~99 % accuracy and low false positive rate. The proposed method is also superior than commercially available anti-viruses in detecting metamorphic

Deskripsi Alternatif :

Achieving accurate and efficient metamorphic malware detection remains a challenge. Metamorphic malware is able to mutate and alter its code structure in each infection, with some vital functionality and codesegment remain unchanged. We exploit these unchanged features for detecting metamorphic malware detection using Support Vector Machine(SVM) classifier. n-gram features are extracted directly from sample malware binaries to avoid disassembly, which are then masked with the extracted Snort signature n-grams. These masked features reduce considerably the number of selected n-gram features. Our method is capable to accurately detect metamorphic malware with ~99 % accuracy and low false positive rate. The proposed method is also superior than commercially available anti-viruses in detecting metamorphic

Beri Komentar ?#(0) | Bookmark

PropertiNilai Properti
ID Publishergdlhub
OrganisasiTelkomnika
Nama KontakHerti Yani, S.Kom
AlamatJln. Jenderal Sudirman
KotaJambi
DaerahJambi
NegaraIndonesia
Telepon0741-35095
Fax0741-35093
E-mail Administratorelibrarystikom@gmail.com
E-mail CKOelibrarystikom@gmail.com

Print ...

Kontributor...

  • , Editor: sukadi

Download...