Dynamic Extraction of Initial Behavior for Evasive Malware Detection-Reference-Cited by-同舟云学术

Dynamic Extraction of Initial Behavior for Evasive Malware Detection

Published:2023-01-12 Issue:2 Volume:11 Page:416
ISSN:2227-7390
Container-title:Mathematics
language:en
Short-container-title:Mathematics

Author:

Aboaoja Faitouri A.,Zainal Anazida^ORCID,Ali Abdullah Marish^ORCID,Ghaleb Fuad A.^ORCID,Alsolami Fawaz Jaber^ORCID,Rassam Murad A.^ORCID

Abstract

Recently, malware has become more abundant and complex as the Internet has become more widely used in daily services. Achieving satisfactory accuracy in malware detection is a challenging task since malicious software exhibit non-relevant features when they change the performed behaviors as a result of their awareness of the analysis environments. However, the existing solutions extract features from the entire collected data offered by malware during the run time. Accordingly, the actual malicious behaviors are hidden during the training, leading to a model trained using unrepresentative features. To this end, this study presents a feature extraction scheme based on the proposed dynamic initial evasion behaviors determination (DIEBD) technique to improve the performance of evasive malware detection. To effectively represent evasion behaviors, the collected behaviors are tracked by examining the entropy distributions of APIs-gram features using the box-whisker plot algorithm. A feature set suggested by the DIEBD-based feature extraction scheme is used to train machine learning algorithms to evaluate the proposed scheme. Our experiments’ outcomes on a dataset of benign and evasive malware samples show that the proposed scheme achieved an accuracy of 0.967, false positive rate of 0.040, and F1 of 0.975.

Funder

King Abdulaziz University

Publisher

MDPI AG

Subject

General Mathematics,Engineering (miscellaneous),Computer Science (miscellaneous)

Link

https://www.mdpi.com/2227-7390/11/2/416/pdf

Reference72 articles.

1. Malware classification using image representation;Singh;Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics),2019

2. Kaspersky Security (2022, August 25). Kaspersky Security Bulletin. Available online: https://go.kaspersky.com/rs/802-IJN-240/images/KSB_statistics_2018_eng_final.pdf.

3. H. Sciences (2022, August 12). Internet security Threat Report 2017. Available online: https://docs.broadcom.com/doc/istr-22-2017-en.

4. Morgan, S. (2022, August 18). Cybercrime Damages $6 Trillion By 2021. Available online: https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/.

5. Evolution of Malware and Its Detection Techniques;Sahay;Advances in Intelligent Systems and Computing,2020

Cited by 7 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Deep learning-powered malware detection in cyberspace: a contemporary review;Frontiers in Physics;2024-03-28

2. An Evaluation of Current Malware Trends and Defense Techniques: A Scoping Review with Empirical Case Studies;Journal of Advances in Information Technology;2024

3. A Comparative Analysis of Android Malware Detection Using Deep Learning;Communications in Computer and Information Science;2023-12-03

4. Lightweight and Robust Malware Detection Using Dictionaries of API Calls;Telecom;2023-11-02

5. A Kullback-Liebler divergence-based representation algorithm for malware detection;PeerJ Computer Science;2023-09-22