Detecting and Classifying Morphed Malwares: A Survey

International Journal of Computer Applications
© 2015 by IJCA Journal
Volume 122 - Number 10
Year of Publication: 2015
Authors:
Sanjam Singla
Ekta Gandotra
Divya Bansal
Sanjeev Sofat
10.5120/21738-4937

Sanjam Singla, Ekta Gandotra, Divya Bansal and Sanjeev Sofat. Article: Detecting and Classifying Morphed Malwares: A Survey. International Journal of Computer Applications 122(10):28-33, July 2015. Full text available. BibTeX

@article{key:article,
	author = {Sanjam Singla and Ekta Gandotra and Divya Bansal and Sanjeev Sofat},
	title = {Article: Detecting and Classifying Morphed Malwares: A Survey},
	journal = {International Journal of Computer Applications},
	year = {2015},
	volume = {122},
	number = {10},
	pages = {28-33},
	month = {July},
	note = {Full text available}
}

Abstract

Most antivirus companies currently face immense difficulty in detecting morphed malware, which conceals itself from detection. Malware uses various techniques to camouflage itself so as to increase its lifetime. These obscuring methods cannot completely impede analysis, but they prolong the process of analysis and detection. This paper presents a review of malware detection systems and the progress made in detecting advanced malware, which will serve as a reference for researchers interested in working on advanced malware detection systems.
