
Overview of Malware Analysis and Detection

IJCA Proceedings on National Conference on Knowledge, Innovation in Technology and Engineering (NCKITE 2015)
© 2015 by IJCA Journal
NCKITE 2015 - Number 1
Year of Publication: 2015
Authors:
Aziz Makandar
Anita Patrot

Aziz Makandar and Anita Patrot. Article: Overview of Malware Analysis and Detection. IJCA Proceedings on National Conference on Knowledge, Innovation in Technology and Engineering (NCKITE 2015) NCKITE 2015(1):35-40, July 2015. Full text available.

@article{key:article,
	author = {Aziz Makandar and Anita Patrot},
	title = {Article: Overview of Malware Analysis and Detection},
	journal = {IJCA Proceedings on National Conference on Knowledge, Innovation in Technology and Engineering (NCKITE 2015)},
	year = {2015},
	volume = {NCKITE 2015},
	number = {1},
	pages = {35-40},
	month = {July},
	note = {Full text available}
}

Abstract

Several methods have been devised to ease malware analysis, and one of them is visualization. Visualization is a basic technique used to render the features of malware samples or their variants; it focuses on the features of individual variants and helps researchers identify malware more easily. Malware behaviour is characterised by variants, such as encrypted, polymorphic, metamorphic, and obfuscated malware, that change their code as they propagate. This paper briefly discusses the various types of malware and their categorization into malware families. The detection and classification techniques covered focus mainly on the behaviour of malware samples that are similar in texture, which allows malware data to be classified to some extent. The paper provides an overview of existing malware detection techniques.
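The byte-to-image visualization and texture comparison the abstract refers to, as an added example that is not code from the paper: each byte becomes one grayscale pixel, a per-row entropy histogram serves as a simple texture signature, and two signatures are compared by distance. The size-to-width table is assumed from Nataraj et al. (2011), and all three samples are constructed byte strings, not real malware.

```python
import math
import random
from collections import Counter

def image_width(n_bytes):
    """Pick the image width from file size. The thresholds follow the
    size-to-width table of Nataraj et al. (2011); assumed here, not from this page."""
    kb = n_bytes / 1024
    for limit, width in ((10, 32), (30, 64), (60, 128), (100, 256),
                         (200, 384), (500, 512), (1000, 768)):
        if kb < limit:
            return width
    return 1024

def bytes_to_image(data):
    """One byte per grayscale pixel (0..255), rows of image_width; last row zero-padded."""
    width = image_width(len(data))
    rows = [list(data[i:i + width]) for i in range(0, len(data), width)]
    if rows and len(rows[-1]) < width:
        rows[-1] += [0] * (width - len(rows[-1]))
    return rows

def row_entropy(row):
    """Shannon entropy of one row in bits: a simple per-row texture measure."""
    n = len(row)
    return -sum(c / n * math.log2(c / n) for c in Counter(row).values())

def texture_signature(data):
    """Histogram of row entropies (16 bins of 0.5 bit), normalised so sizes are comparable."""
    image = bytes_to_image(data)
    bins = [0] * 16
    for row in image:
        bins[min(int(row_entropy(row) * 2), 15)] += 1
    return [b / max(len(image), 1) for b in bins]

def texture_distance(a, b):
    """Half the L1 distance between two signatures: 0 = identical, 1 = disjoint."""
    return sum(abs(x - y) for x, y in zip(texture_signature(a), texture_signature(b))) / 2

# Constructed samples (not real malware): a plain file with zero-filled regions and a
# repeating table, a variant with a 300-byte region rewritten, and a high-entropy blob
# standing in for a packed or encrypted sample.
SAMPLE_PLAIN = (b"\x00" * 64 + bytes(range(16)) * 4) * 50
_variant = bytearray(SAMPLE_PLAIN)
_variant[1000:1300] = bytes(i % 7 for i in range(300))
SAMPLE_VARIANT = bytes(_variant)
_rng = random.Random(7)
SAMPLE_PACKED = bytes(_rng.randrange(256) for _ in range(len(SAMPLE_PLAIN)))
```

The variant stays close to the plain sample (only the patched rows move bins) while the high-entropy blob lands in entirely different bins, which is the kind of texture separation the visualization approach relies on.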
