The increased sophistication and evasiveness of malware has brought tremendous challenges to vendors of antivirus systems. Various malware detection approaches have been proposed and deployed to detect and remove malware. However, it is challenging for a single security vendor to analyze all malware and to provide up-to-date protection, e.g., a signature database. In this paper, we investigate ...

Monitoring the behavior of program execution at run-time is widely used to differentiate benign and malicious processes executing in the host computer. Most of the existing run-time malware detection methods use the information available in Windows Application Programming Interface (API) calls. The proposed malware detection system uses the Windows API call sequence. A 3rd order Markov chain (i...

Malware is one of the most severe crucial security threats on the Internet. Many malware authors frequently change their malware distribution domains and URLs to avoid IDS (Intrusion Detection Systems) detection, and URLs become invalid shortly, which we name the malware distribution phenomenon fast-flux. We proposed a scheme named LDSM which could be able to detect fast-flux malware distributi...

Malware is a type of malicious program that replicate from host machine and propagate through network. It has been considered as one type of computer attack and intrusion that can do a variety of malicious activity on a computer. This paper addresses the current trend of malware detection techniques and identifies the significant criteria in each technique to improve malware detection in Intrus...

Mobile Peer-to-Peer (P2P) malware has emerged as one of the major challenges in mobile network security in recent years. Around four hundred mobile viruses, worms, trojans and spyware, together with approximately one thousand of their variants have been discovered to-date. So far no classification of such mobile P2P security threats exists. There is no well known simulation environment to model...

As the dominator of the Smartphone operating system market, consequently android has attracted the attention of s malware authors and researcher alike. The number of types of android malware is increasing rapidly regardless of the considerable number of proposed malware analysis systems. In this paper, by taking advantages of low false-positive rate of misuse detection and the ability of anomal...

Current anti-virus malware detection methods focus on signature-based methods. Recent research has introduced new, effective methods of malware detection. First, recent research including cloud-based monitoring and analysis, joint network-host based methods, feature ranking, machine learning and kernel data structure invariant monitoring are reviewed. Second, virtual machine based malware detec...

Malware detection developer faced a problem for a generation of new signature of malware code. A very famous and recognized technique is pattern based malware code detection technique. This leads to the evasion of signatures that are built based on the code syntax. In this paper, we discuss some well known method of malware detection based on semantic feature extraction technique. In current de...

Malware is a software which is designed with an intent to damage a network or computer resources. Today, the emergence of malware is on boom letting the researchers develop novel techniques to protect computers and networks. The three major techniques used for malware detection are heuristic, signature-based, and behavior based. Among these, the most prevalent is the heuristic based malware det...

Malware analysis is critical for malware detection and prevention. To defeat malware analysis and detection, today malware commonly adopts various sophisticated anti-detection techniques, such as performing debugger, emulator, and virtual machine fingerprinting, and camouflaging its traffic as normal legitimate traffic. These mechanisms produce more and more stealthy malware that greatly challe...