论文信息 - A Gene-Inspired Malware Detection Approach

A Gene-Inspired Malware Detection Approach

Malware detection is an important topic in cyber security. The research presented in this paper mainly studies on disassembly codes of Windows executable files, learns from the research route of bioinformatics and proposes the concept of software gene. A distance-based method is also proposed to measure the difference of genes and the dimensionality reduction based on a modified clustering algorithm of biological phylogenetic model. Finally a gene-inspired malware detector is constructed using Random Forest model. The software gene extraction proposed in this paper is more flexible and generates less data than the widely-used n-gram method. The detector based on genes also performs better. The clustering-based dimensionality reduction retains more comprehensive features and maintains the interpretability in software analysis area. The detector based on gene-inspired malware detection approach can reach the precision 96.14%, which is better than traditional methods.

[1] Yuval Elovici,et al. Detecting unknown malicious code by applying classification techniques on OpCode patterns , 2012, Security Informatics.

[2] Tyler Moore,et al. Polymorphic malware detection using sequence classification methods and ensembles , 2017, EURASIP J. Inf. Secur..

[3] M S Waterman,et al. Identification of common molecular subsequences. , 1981, Journal of molecular biology.

[4] Ammar Ahmed E. Elhadi,et al. Malware detection based on hybrid signature behavior application programming interface call graph , 2012 .

[5] Igor Santos,et al. Opcode sequences as representation of executables for data-mining-based unknown malware detection , 2013, Inf. Sci..

[6] Paul Geladi,et al. Principal Component Analysis , 1987, Comprehensive Chemometrics.

[7] Gerard Salton,et al. A vector space model for automatic indexing , 1975, CACM.

[8] Tyler Moore,et al. Polymorphic Malware Detection Using Sequence Classification Methods , 2016, 2016 IEEE Security and Privacy Workshops (SPW).

[9] Xuhua Xia,et al. Distance-Based Phylogenetic Methods , 2020, A Mathematical Primer of Molecular Phylogenetics.