Malware Elimination Impact on Dynamic Analysis: An Experimental Machine Learning Approach

According to recent reports from security repositories, malware caused global losses of 11.7 million dollars during the last year. Criminals are turning to malware ever more intensively, and the availability of malware production tools now makes it possible to build and release malware with minimal technical knowledge. Malware analysis, by contrast, aims to discover malware and then to prevent its spread. It divides into two main branches, static analysis and dynamic analysis. Static analysis, because of its limitations (above all, the program is never executed), cannot by itself be relied on to discover new malware. For the same reason, dynamic analysis is now more widely applied and has proved more reliable. One problem with dynamic analysis is that the studies conducted in this area eliminate many samples, for reasons such as file corruption or failure to run properly. This makes their results unreliable in the real world, because a system can still be infected by malware like the omitted instances. This chapter combines static and dynamic analysis so that the problem of the eliminated samples can be solved. The proposed method improves detection accuracy to 97% while still accounting for the samples that did not run properly.
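The elimination problem described above, as an added example that is not part of the chapter: a constructed corpus in which some samples have a sandbox trace and some do not (crashed, corrupted, or needing a GUI session). Evaluated dynamic-only, the samples without a trace are dropped and the reported accuracy covers only the survivors; evaluated with a static fallback (PE import names), they stay in the evaluation. The classifier (1-nearest-neighbour on Jaccard similarity over sets of API names and call bigrams), the sample records and the Windows API names in them are assumptions standing in for the chapter's own dataset and machine-learning model.

```python
"""
Added example (not the chapter's own code): how eliminating samples that fail
to run in the sandbox inflates dynamic-analysis results, and how keeping a
static fallback (PE import names) puts those samples back into the evaluation.
The corpus, API names and the 1-NN Jaccard classifier are constructed
stand-ins for the chapter's dataset and model.
"""


def dynamic_features(trace):
    """API-call-sequence features: the called names plus ordered bigrams."""
    return set(trace) | {f"{a}>{b}" for a, b in zip(trace, trace[1:])}


def features(sample, mode):
    """'dynamic': trace features only; None when the sandbox run failed.
    'hybrid': static import names, plus trace features when a trace exists."""
    if mode == "dynamic":
        return None if sample["trace"] is None else dynamic_features(sample["trace"])
    feats = set(sample["imports"])
    if sample["trace"] is not None:
        feats |= dynamic_features(sample["trace"])
    return feats


def jaccard(a, b):
    return len(a & b) / len(a | b) if (a or b) else 0.0


def predict(feats, model):
    """1-nearest-neighbour by Jaccard similarity over feature sets."""
    return max(model, key=lambda entry: jaccard(feats, entry[0]))[1]


def evaluate(train, test, mode):
    """Train and score in one mode. Samples whose features are unavailable are
    dropped, exactly as dynamic-only studies drop samples that did not run;
    'malware_recall_overall' counts every dropped malware sample as a miss."""
    model = []
    for s in train:
        f = features(s, mode)
        if f is not None:
            model.append((f, s["label"]))
    retained = correct = found = 0
    malware_total = sum(1 for s in test if s["label"] == "malware")
    for s in test:
        feats = features(s, mode)
        if feats is None:
            continue  # eliminated from the study
        retained += 1
        pred = predict(feats, model)
        correct += int(pred == s["label"])
        found += int(pred == "malware" and s["label"] == "malware")
    return {
        "retained": retained,
        "accuracy_on_retained": correct / retained,
        "malware_recall_overall": found / malware_total,
    }


def sample(sid, label, imports, trace):
    """Constructed record: static import names always present, trace optional."""
    return {"id": sid, "label": label, "imports": set(imports), "trace": trace}


# Constructed training corpus (all four samples ran in the sandbox).
TRAIN = [
    sample("t1", "malware",
           ["OpenProcess", "VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread"],
           ["OpenProcess", "VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread"]),
    sample("t2", "malware",
           ["InternetOpenA", "InternetOpenUrlA", "CreateFileA", "RegSetValueExA"],
           ["InternetOpenA", "InternetOpenUrlA", "CreateFileA", "RegSetValueExA"]),
    sample("t3", "benign",
           ["CreateFileA", "ReadFile", "WriteFile", "CloseHandle"],
           ["CreateFileA", "ReadFile", "WriteFile", "CloseHandle"]),
    sample("t4", "benign",
           ["GetMessageA", "DispatchMessageA", "MessageBoxA"],
           ["GetMessageA", "DispatchMessageA", "MessageBoxA"]),
]

# Constructed test set: three of five samples produced no trace.
TEST = [
    sample("e1", "malware",
           ["OpenProcess", "VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread"],
           ["OpenProcess", "VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread"]),
    sample("e2", "malware",  # crashed in the sandbox
           ["VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread", "LoadLibraryA"], None),
    sample("e3", "benign",
           ["CreateFileA", "ReadFile", "CloseHandle"],
           ["CreateFileA", "ReadFile", "CloseHandle"]),
    sample("e4", "malware",  # corrupted file, would not load
           ["InternetOpenA", "InternetOpenUrlA", "RegSetValueExA"], None),
    sample("e5", "benign",   # needs an interactive session, no trace
           ["GetMessageA", "MessageBoxA"], None),
]


if __name__ == "__main__":
    for mode in ("dynamic", "hybrid"):
        print(mode, evaluate(TRAIN, TEST, mode))
```

The dynamic-only run reports 100% accuracy, but only over the two samples it retained; measured against every malware sample in the test set, it finds one of three. The hybrid run keeps all five samples and classifies them all correctly on this corpus. The number that belongs in a report is the one computed over the whole corpus, with eliminated samples counted as misses.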
