Research Article

Comparative Analysis of Feature Extraction Methods of Malware Detection

by Smita Ranveer, Swapnaja Hiray
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 120 - Number 5
Year of Publication: 2015
Authors: Smita Ranveer, Swapnaja Hiray
DOI: 10.5120/21220-3960

Smita Ranveer, Swapnaja Hiray. Comparative Analysis of Feature Extraction Methods of Malware Detection. International Journal of Computer Applications 120, 5 (June 2015), 1-7. DOI=10.5120/21220-3960

@article{ 10.5120/21220-3960,
author = { Smita Ranveer, Swapnaja Hiray },
title = { Comparative Analysis of Feature Extraction Methods of Malware Detection },
journal = { International Journal of Computer Applications },
issue_date = { June 2015 },
volume = { 120 },
number = { 5 },
month = { June },
year = { 2015 },
issn = { 0975-8887 },
pages = { 1-7 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume120/number5/21220-3960/ },
doi = { 10.5120/21220-3960 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%A Smita Ranveer
%A Swapnaja Hiray
%T Comparative Analysis of Feature Extraction Methods of Malware Detection
%J International Journal of Computer Applications
%@ 0975-8887
%V 120
%N 5
%P 1-7
%D 2015
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Recent years have seen massive growth in malware, which poses a severe threat to modern computers and Internet security. Existing malware detection systems are confronted with unknown malware variants. Recently developed malware detection systems have found that diverse forms of malware exhibit similar structural patterns with minor variations. Hence, it is necessary to discriminate between the types of features extracted for detecting malware, so that the potential of a malware detection system can be leveraged against unfamiliar malware. We mainly focus on the categorization of features based on malware analysis. This paper highlights the general framework of a malware detection system and pinpoints the strengths and weaknesses of each method. Finally, we present an overview of the performance of present malware detection systems based on the features they use.
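As an added illustration of the opcode-based static features named in the keywords (this is example code written for this page, not code from the paper): it extracts opcode 2-grams from constructed mnemonic sequences, compares a malware sample against a variant with junk instructions inserted, and shows why an exact signature misses the variant while n-gram similarity does not. The opcode sequences, the JUNK set, the normalization step and the nearest-neighbour scoring are assumptions of the example, not the paper's method.

```python
import hashlib
from collections import Counter
from math import sqrt

# Constructed opcode (mnemonic) sequences that stand in for disassembler
# output. They are illustrative inputs, not taken from any real binary.
BASE = ["push", "mov", "sub", "call", "test", "jz", "mov", "call",
        "xor", "lea", "call", "add", "ret"]
# A "variant" of BASE: same logic, with junk nop instructions inserted,
# the kind of minor structural variation the abstract refers to.
VARIANT = ["push", "mov", "nop", "sub", "call", "nop", "test", "jz", "mov",
           "call", "xor", "lea", "nop", "call", "add", "ret"]
# An unrelated routine used as the benign reference.
BENIGN = ["push", "mov", "mov", "cmp", "jne", "inc", "cmp", "jne", "pop", "ret"]

# Mnemonics treated as semantic no-ops by the (assumed) normalization step.
JUNK = {"nop"}


def signature(seq):
    """Exact-match signature: SHA-256 over the whole opcode sequence."""
    return hashlib.sha256(" ".join(seq).encode()).hexdigest()


def normalize(seq):
    """Drop junk instructions before feature extraction."""
    return [op for op in seq if op not in JUNK]


def ngrams(seq, n=2):
    """Bag (multiset) of opcode n-grams, the static feature family used by
    the opcode-sequence detectors surveyed in the paper."""
    return Counter(tuple(seq[i:i + n]) for i in range(len(seq) - n + 1))


def cosine(a, b):
    """Cosine similarity between two n-gram bags."""
    dot = sum(a[k] * b[k] for k in a.keys() & b.keys())
    na = sqrt(sum(v * v for v in a.values()))
    nb = sqrt(sum(v * v for v in b.values()))
    return dot / (na * nb) if na and nb else 0.0


def nearest(query, labelled, n=2, norm=False):
    """1-nearest-neighbour over n-gram cosine similarity.

    labelled is a list of (label, opcode_sequence). Returns (label, score).
    """
    prep = normalize if norm else (lambda s: s)
    q = ngrams(prep(query), n)
    best_label, best_score = None, -1.0
    for label, seq in labelled:
        score = cosine(q, ngrams(prep(seq), n))
        if score > best_score:
            best_label, best_score = label, score
    return best_label, best_score


if __name__ == "__main__":
    corpus = [("malware", BASE), ("benign", BENIGN)]
    # The exact signature of BASE does not match the variant at all.
    print("exact signature matches:", signature(VARIANT) == signature(BASE))
    # 2-gram similarity still places the variant next to BASE (about 0.67).
    print("2-gram 1-NN:", nearest(VARIANT, corpus))
    # With junk removed the feature vectors coincide (score 1.0).
    print("2-gram 1-NN, junk removed:", nearest(VARIANT, corpus, norm=True))
```

The nop filter is a deliberate simplification: real junk-code insertion also uses semantically neutral instruction pairs that a mnemonic filter does not catch, so the choice of n and of the normalization applied before n-gramming is exactly the feature-design decision this paper compares across methods.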

References
  1. A. Shabtai, R. Moskovitch, Y. Elovici, C. Glezer, Detection of malicious code by applying machine learning classifiers on static features: A state-of-the-art survey, Information Security Technical Report 14, 2009.
  2. I. Santos, J. Devesa, F. Brezo, J. Nieves, P. G. Bringas, OPEM: A Static-Dynamic Approach for Machine Learning Based Malware Detection, Proceedings of CISIS'12-ICEUTE'12 Special Sessions, Advances in Intelligent Systems and Computing 189, 271-280, 2013.
  3. R. Islam, R. Tian, L. M. Batten, S. Versteeg, Classification of malware based on integrated static and dynamic features, Journal of Network and Computer Applications 36, 646-656, 2013.
  4. R. Islam, R. Tian, L. Batten, S. Versteeg, Classification of malware based on string and function feature selection, Cybercrime and Trustworthy Computing Workshop (CTC) 2010, 9-17.
  5. Sophos Labs, Security Threat Report 2014.
  6. I. A. Saeed, A. Selamat, A. M. A. Abuagoub, A Survey on Malware and Malware Detection Systems, International Journal of Computer Applications, Volume 67, No. 16, April 2013.
  7. K. Mathur, S. Hiranwai, A Survey on Techniques in Detection and Analyzing Malware Executables, International Journal of Advanced Research in Computer Science and Software Engineering 3, 422-428, 2013.
  8. E. Gandotra, D. Bansal, S. Sofat, Malware Analysis and Classification: A Survey, Journal of Information Security 5, 56-64, published online April 2014 in SciRes.
  9. M. Schultz, E. Eskin, F. Zadok, S. Stolfo, Data mining methods for detection of new malicious executables, Proceedings of the 22nd IEEE Symposium on Security and Privacy, 38-49, 2001.
  10. T. Abou-Assaleh, N. Cercone, V. Keselj, R. Sweidan, Detection of new malicious code using n-grams signatures, Proceedings of the Second Annual Conference on Privacy, Security and Trust, 193-196, 2004.
  11. R. Moskovitch, C. Feher, N. Tzachar, E. Berger, M. Gitelman, S. Dolev, Y. Elovici, Unknown Malcode Detection Using OPCODE Representation, Proceedings of the 1st European Conference on Intelligence and Security Informatics (EuroISI 2008), 2008.
  12. W. Li, K. Wang, S. Stolfo, B. Herzog, Fileprints: Identifying file types by n-gram analysis, Proceedings of the IEEE Workshop on Information Assurance and Security, 2005.
  13. R. Moskovitch, D. Stopel, C. Feher, N. Nissim, Y. Elovici, Unknown malcode detection via text categorization and the imbalance problem, IEEE Intelligence and Security Informatics, Taiwan, 2008.
  14. I. Santos, F. Brezo, X. Ugarte-Pedrero, P. G. Bringas, Opcode sequences as representation of executables for data-mining-based unknown malware detection, Information Sciences 231, 64-82, 2013.
  15. A. Shabtai, R. Moskovitch, C. Feher, S. Dolev, Y. Elovici, Detecting unknown malicious code by applying classification techniques on opcode patterns, Security Informatics 1, 1-22, 2012.
  16. I. Santos, F. Brezo, J. Nieves, Y. K. Penya, B. Sanz, C. Laorden, P. G. Bringas, Opcode-sequence-based malware detection, Proceedings of the 2nd International Symposium on Engineering Secure Software and Systems (ESSoS), Pisa, Italy, LNCS 5965, 35-43, February 3-4, 2010.
  17. M. Z. Shafiq, S. M. Tabish, F. Mirza, M. Farooq, PE-Miner: Mining structural information to detect malicious executables in realtime, Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection (RAID 2009), Springer-Verlag, Berlin, Heidelberg, 121-141, 2009.
  18. M. Zolotukhin, T. Hamalainen, Support Vector Machine Integrated with Game-Theoretic Approach and Genetic Algorithm for the Detection and Classification of Malware, IEEE Globecom 2013 Workshops, First International Workshop on Security and Privacy in Big Data, 2013.
  19. Y. Ye, L. Chen, D. Wang, T. Li, Q. Jiang, M. Zhao, SBMDS: an interpretable string based malware detection system using SVM ensemble with bagging, Journal in Computer Virology 5(4), 283-293, 2009.
  20. K. Rieck, P. Trinius, C. Willems, T. Holz, Automatic Analysis of Malware Behavior Using Machine Learning, Journal of Computer Security 19, 639-668, 2011.
  21. R. Tian, L. Batten, R. Islam, S. Versteeg, An automated classification system based on the strings of Trojan and virus families, Proceedings of the 4th International Conference on Malicious and Unwanted Software (MALWARE 2009), 23-30, 2009.
  22. R. Tian, M. R. Islam, L. Batten, S. Versteeg, Differentiating Malware from Cleanwares Using Behavioral Analysis, Proceedings of the 5th International Conference on Malicious and Unwanted Software (MALWARE 2010), Nancy, 23-30, October 2010.
  23. Y. Park, D. Reeves, V. Mulukutla, Sundaravel, Fast Malware Classification by Automated Behavioral Graph Matching, Proceedings of the 6th Annual Workshop on Cyber Security and Information Intelligence Research, Article No. 45, 2010.
  24. I. Firdausi, C. Lim, Erwin, Analysis of Machine Learning Techniques Used in Behavior Based Malware Detection, Proceedings of the 2nd International Conference on Advances in Computing, Control and Telecommunication Technologies (ACT), Jakarta, 201-203, 2010.
  25. G. Wagener, R. State, A. Dulaunoy, Malware behaviour analysis, Journal in Computer Virology 4(4), 279-287, 2008.
  26. M. Bailey, J. Oberheide, J. Andersen, Z. Morley Mao, F. Jahanian, Nazario, Automated Classification and Analysis of Internet Malware, Proceedings of the 10th International Conference on Recent Advances in Intrusion Detection (RAID), LNCS 4637, 178-197.
  27. T. Lee, J. J. Mody, Behavioral Classification, Proceedings of the European Institute for Computer Antivirus Research Conference (EICAR 2006), 2006.
  28. D. Bilar, Opcodes as predictor for malware, International Journal of Electronic Security and Digital Forensics, 156-168, 2007.
  29. R. Sekar, M. Bendre, D. Dhurjati, P. Bollineni, A fast automaton-based method for detecting anomalous program behaviors, in R. Needham and M. Abadi, Eds., Proceedings of the 2001 IEEE Symposium on Security and Privacy, IEEE Computer Society, Los Alamitos, CA, USA, 144-155, 2001.
  30. VX Heavens website: http://vx.netlux.org
  31. S. Nari, Ghorbani, Automated Malware Classification Based on Network Behavior, Proceedings of the International Conference on Computing, Networking and Communications (ICNC), San Diego, 28-31 January 2013, 642-647.
Index Terms

Computer Science
Information Sciences

Keywords

Feature Extraction, Malware Detection, Opcodes, Static Analysis, Dynamic Analysis, Machine Learning.