Applying NLP techniques to malware detection in a practical environment-Reference-Cited by-同舟云学术

Applying NLP techniques to malware detection in a practical environment

Published:2021-06-06 Issue: Volume: Page:
ISSN:1615-5262
Container-title:International Journal of Information Security
language:en
Short-container-title:Int. J. Inf. Secur.

Author:

Mimura Mamoru^ORCID,Ito Ryo

Abstract

AbstractExecutable files still remain popular to compromise the endpoint computers. These executable files are often obfuscated to avoid anti-virus programs. To examine all suspicious files from the Internet, dynamic analysis requires too much time. Therefore, a fast filtering method is required. With the recent development of natural language processing (NLP) techniques, printable strings became more effective to detect malware. The combination of the printable strings and NLP techniques can be used as a filtering method. In this paper, we apply NLP techniques to malware detection. This paper reveals that printable strings with NLP techniques are effective for detecting malware in a practical environment. Our dataset consists of more than 500,000 samples obtained from multiple sources. Our experimental results demonstrate that our method is effective to not only subspecies of the existing malware, but also new malware. Our method is effective against packed malware and anti-debugging techniques.

Publisher

Springer Science and Business Media LLC

Subject

Computer Networks and Communications,Safety, Risk, Reliability and Quality,Information Systems,Software

Link

https://link.springer.com/content/pdf/10.1007/s10207-021-00553-8.pdf

Reference57 articles.

1. Abou-Assaleh, T., Cercone, N., Keselj, V., Sweidan, R.: Detection of new malicious code using n-grams signatures. In: PST, pp. 193–196 (2004). http://dev.hil.unb.ca/Texts/PST/pdf/assaleh.pdf

2. Aghakhani, H., Gritti, F., Mecca, F., Lindorfer, M., Ortolani, S., Balzarotti, D., Vigna, G., Kruegel, C. When malware is packin’ heat; limits of machine learning classifiers based on static analysis features Network and Distributed Systems Security (NDSS) Symposium (2020). https://doi.org/10.14722/ndss.2020.24310

3. Bilar, D.: Opcodes as predictor for malware. IJESDF. Int. J. Electron. Secur. Digit. Forensics 1(2), 156–168 (2007)

4. Elovici, Y., Shabtai, A., Moskovitch, R., Tahan, G., Glezer, C.: Applying machine learning techniques for detection of malicious code in network traffic. In: J. Hertzberg, M. Beetz, R. Englert (eds.) KI 2007: Advances in Artificial Intelligence, 30th Annual German Conference on AI, KI 2007, Osnabrück, Germany, September 10-13, 2007, Proceedings, Lecture Notes in Computer Science, vol. 4667, pp. 44–50. Springer (2007). https://doi.org/10.1007/978-3-540-74565-5_5

5. Hatada, M., Akiyama, M., Matsuki, T., Kasama, T.: Empowering anti-malware research in japan by sharing the MWS datasets. JIP 23(5), 579–588 (2015). https://doi.org/10.2197/ipsjjip.23.579

Cited by 32 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Cognitively Inspired Three-Way Decision Making and Bi-Level Evolutionary Optimization for Mobile Cybersecurity Threats Detection: A Case Study on Android Malware;Cognitive Computation;2024-09-06

2. A study on natural language processing-based method for Windows malware detection;2024 Tenth International Conference on Communications and Electronics (ICCE);2024-07-31

3. Software installation threat detection based on attention mechanism and improved convolutional neural network in IOT platform;Engineering Research Express;2024-07-18

4. A survey of malware detection using deep learning;Machine Learning with Applications;2024-06

5. Discovering Malicious Signatures in Software from Structural Interactions;ICASSP 2024 - 2024 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP);2024-04-14