Metamorphic Malware Detection Using Function Call Graph Analysis
Authors
Abstract
Previous work has shown that well-designed metamorphic malware can evade many commonly used malware detection techniques, including signature scanning. In this paper, we consider a previously developed score which is based on function call graph analysis. We test this score on challenging classes of metamorphic malware and we show that the resulting detection rates yield an improvement over other comparable techniques. These results indicate that the function call graph score is among the stronger malware scores developed to date.
Similar resources
Enhancing the detection of metamorphic malware using call graphs
Malware stands for malicious software. It is software that is designed with a harmful intent. A malware detector is a system that attempts to identify malware using Application Programming Interface (API) call graph technique and/or other techniques. API call graph techniques follow two main steps, namely, transformation of malware samples into an API call graph using API call graph constructio...
A Graph Mining Approach for Detecting Metamorphic Malwares
Metamorphic malware changes the syntax of its code in each infection. This process makes it extremely hard to detect. While the byte sequence of the metamorphic malware may be quite different from its parent, the main functionality of the malware has to stay the same. Therefore, traditional methods based on static signature detection cannot detect such malwares, and need to be designed semantic...
A framework for metamorphic malware analysis and real-time detection
Metamorphism is a technique that mutates the binary code using different obfuscations. It is difficult to write a new metamorphic malware and in general malware writers reuse old malware. To hide detection the malware writers change the obfuscations (syntax) more than the behavior (semantic) of such a new malware. On this assumption and motivation, this paper presents a new framework named MARD...
Annotated Control Flow Graph for Metamorphic Malware Detection
Metamorphism is a technique that mutates the binary code using different obfuscations and never keeps the same sequence of opcodes in the memory. This stealth technique provides the capability to a malware for evading detection by simple signature-based (such as instruction sequences, byte sequences and string signatures) anti-malware programs. In this paper, we present a new scheme named Annot...
Malware Detection using Classification of Variable-Length Sequences
In this paper, a novel method based on the graph is proposed to classify the sequence of variable length as feature extraction. The proposed method overcomes the problems of the traditional graph with variable length of data, without fixing length of sequences, by determining the most frequent instructions and insertion the rest of instructions on the set of “other”, save speed and memory. Acco...
Journal title:
Volume, issue
Pages -
Publication date: 2017