Malware refers to any type of code written with the intention of harming a computer or network. The quantity of malware being produced is increasing every year and poses a serious global security threat. Hence, malware detection is a critical topic in computer security. Signature-based detection is the most widespread method used in commercial antivirus solutions. However, signature-based detec...

Malware programs (e.g., viruses, worms, Trojans, etc.) are a worldwide epidemic. Studies and statistics show that the impact of malware is getting worse. Malware detectors are the primary tools in the defence against malware. Most commercial anti-malware scanners maintain a database of malware patterns and heuristic signatures for detecting malicious programs within a computer system. Malware w...

This paper proposes the detection mechanism and implementation of the malware detection system, which generates the behavioral sequences patterns of the malware groups and detects the known and unknown malware. The behavioral patterns of the malware groups are generated as using Multiple Sequence Alignment (MSA) algorithm with the API call sequences occurred from the execution of some malware s...

As malware is becoming increasingly sophisticated and stealthy, effective techniques for malware detection and analysis are imperative. Previous detection mechanisms are insufficient. Signature-based detection cannot detect new malware, and watch-point based behavioral detection can be evaded by stealthier design. Most previous analysis mechanisms are too coarse-grained to capture malware behav...

The prevalence of Android smartphones and the immense growth of Android malware create significant numbers of malware incidents that require forensics handling. Certain smartphone forensic tool has incorporated anti-virus databases in their device for malware detection process. However, examiners should be aware that most of anti-virus application uses known patterns or signatures for malware d...

Learning-based malware detectors may be erroneous due to two inherent limitations. First, there is a lack of differentiability: selected features may not reflect essential differences between malware and benign apps. Second, there is a lack of comprehensiveness: the used machine learning (ML) models are usually based on prior knowledge of existing malware (i.e., training dataset) so malware can...

Embedded malware is a recently discovered security threat that allows malcode to be hidden inside a benign file. It has been shown that embedded malware is not detected by commercial antivirus software even when the malware signature is present in the antivirus database. In this paper, we present a novel anomaly detection scheme to detect embedded malware. We first analyze byte sequences in ben...

Malware is code designed for a malicious purpose, such as obtaining root privilege on a host. A malware detector identifies malware and thus prevents it from adversely affecting a host. In order to evade detection by malware detectors, malware writers use various obfuscation techniques to transform their malware. There is strong evidence that commercial malware detectors are susceptible to thes...

Detection and Classification of Malicious Processes Using System Call Analysis Raymond J. Canzanese, Jr. Moshe Kam, Ph.D. and Spiros Mancoridis, Ph.D. Despite efforts to mitigate the malware threat, the proliferation of malware continues, with recordsetting numbers of malware samples being discovered each quarter. Malware are any intentionally malicious software, including software designed for...