A Novel Approach to Detect Malware Based on API Call Sequence Analysis

Malware Similarity Analysis using API Sequence Alignments

Malware variants could be defined as malware that have similar malcious behavior. In this paper, a sequence alignment method, the method widely used in Bioinformatics, was used to detect malware variants. This method can find the common parts of Malware’s API call sequences, and these common API call sequences can be used to detect similar behaviors of malware variants. However, when a sequence...

Mining CFG as API Call-grams to Detect Portable Executable Malware

Malware writers use evasion techniques like code obfuscation, packing, compression to conceal from Anti-Virus (AV) scanners as AV use syntactic signature to detect a known malware. Our detection approach is based on semantic aspect of PE executable that analyzes API Call-grams to detect unknown malicious code. Static analysis covers all the paths of code which is not possible with dynamic behav...

Malware Characterization Using Windows API Call Sequences

Malware Analysis using Multiple API Sequence Mining Control Flow Graph

Malwares are becoming persistent by creating fulledged variants of the same or different family. Malwares belonging to same family share same characteristics in their functionality of spreading infections into the victim computer. These similar characteristics among malware families can be taken as a measure for creating a solution that can help in the detection of the malware belonging to part...

Zero-day Malware Detection based on Supervised Learning Algorithms of API call Signatures

Zero-day or unknown malware are created using code obfuscation techniques that can modify the parent code to produce offspring copies which have the same functionality but with different signatures. Current techniques reported in literature lack the capability of detecting zero-day malware with the required accuracy and efficiency. In this paper, we have proposed and evaluated a novel method of...