A New Malware Detection System Using Machine Learning Techniques for API Call Sequences

ABSTRACT The detection and classification of malware in Windows executables is an important and demanding task in the field of data mining. Malware can easily damage a user's system, so several techniques have been developed in earlier work for accurate malware detection. However, they suffer from major drawbacks such as inaccurate detection, low efficiency, a large amount of time needed to classify the malware type, and increased computational complexity. To address these issues, this article develops an efficient system for detecting malware from Application Programming Interface (API) call sequences and classifying its type as worm, virus, Trojan, or normal. Initially, the input dataset is preprocessed by normalizing the data; then its upper and lower boundaries are estimated during feature extraction. Furthermore, the Rete algorithm is implemented to generate rules based on a pattern-matching process. The Multi-Dimensional Naïve Bayes Classification (MDNBS) is then applied to classify the malware that occurs in the API call sequences. In experiments, the performance of the existing and proposed techniques is evaluated and compared using True Positive Rate (TPR), False Positive Rate (FPR), precision, recall, F-measure, and accuracy.
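The abstract names the two stages a reader is most likely to want to see concretely: a Naïve Bayes classifier that scores API call sequences along more than one feature dimension, and the TPR/FPR/precision/recall/F-measure/accuracy evaluation. The block below is an added illustration written for this page; it is not the paper's MDNBS implementation, and it omits the normalization, boundary-estimation and Rete rule-generation stages. It treats "which APIs are called" and "in what order they are called" (call bigrams) as two independent feature dimensions, trains a multinomial Naïve Bayes table per dimension with Laplace smoothing, and sums the per-dimension log-likelihoods. The API traces and labels are constructed sample data, not a real dataset; the benign directory-listing trace in the test set is deliberately similar to the "virus" traces so the evaluation shows a false positive rather than a perfect score.

```python
"""Multi-dimensional Naive Bayes over API call sequences (added illustration, not the paper's code)."""
from collections import Counter, defaultdict
from math import log

# Constructed sample traces: (label, ordered list of API names). Invented for
# illustration only; they are not drawn from the paper's dataset.
TRAIN = [
    ("normal", ["CreateFileW", "ReadFile", "CloseHandle"]),
    ("normal", ["CreateFileW", "WriteFile", "CloseHandle"]),
    ("normal", ["RegOpenKeyExW", "RegQueryValueExW", "RegCloseKey"]),
    ("worm",   ["WSAStartup", "socket", "connect", "send", "CopyFileW"]),
    ("worm",   ["WSAStartup", "socket", "connect", "send", "CreateProcessW"]),
    ("virus",  ["FindFirstFileW", "CreateFileW", "WriteFile", "FindNextFileW", "WriteFile"]),
    ("virus",  ["FindFirstFileW", "CreateFileW", "WriteFile", "FindNextFileW", "CloseHandle"]),
    ("trojan", ["RegOpenKeyExW", "RegSetValueExW", "CreateRemoteThread", "WriteProcessMemory"]),
    ("trojan", ["OpenProcess", "WriteProcessMemory", "CreateRemoteThread", "RegSetValueExW"]),
]

# Held-out traces; the third one is a benign directory listing that shares APIs
# with the "virus" traces, so the classifier is expected to flag it (a false positive).
TEST = [
    ("normal", ["CreateFileW", "ReadFile", "ReadFile", "CloseHandle"]),
    ("worm",   ["WSAStartup", "socket", "connect", "send", "send"]),
    ("normal", ["FindFirstFileW", "FindNextFileW", "FindClose"]),
    ("virus",  ["FindFirstFileW", "CreateFileW", "WriteFile", "FindNextFileW"]),
    ("trojan", ["OpenProcess", "WriteProcessMemory", "CreateRemoteThread"]),
]


def extract_features(seq):
    """Two feature dimensions: which APIs are called, and in what order (adjacent pairs)."""
    return {"api": Counter(seq), "order": Counter(zip(seq, seq[1:]))}


class MultiDimNaiveBayes:
    """Multinomial Naive Bayes with one smoothed likelihood table per feature dimension.

    The dimensions are assumed conditionally independent given the class, so their
    log-likelihoods are simply added to the log prior.
    """

    def __init__(self, alpha=1.0):
        self.alpha = alpha                      # Laplace smoothing constant
        self.class_counts = Counter()           # class -> number of training traces
        self.dim_counts = defaultdict(lambda: defaultdict(Counter))  # dim -> class -> feature -> count
        self.vocab = defaultdict(set)           # dim -> distinct features seen in training

    def fit(self, data):
        for label, seq in data:
            self.class_counts[label] += 1
            for dim, feats in extract_features(seq).items():
                self.dim_counts[dim][label].update(feats)
                self.vocab[dim].update(feats)
        return self

    def log_posteriors(self, seq):
        """Unnormalised log P(class | trace) for every class."""
        total = sum(self.class_counts.values())
        feats_by_dim = extract_features(seq)
        scores = {}
        for label, n in self.class_counts.items():
            score = log(n / total)
            for dim, feats in feats_by_dim.items():
                table = self.dim_counts[dim][label]
                denom = sum(table.values()) + self.alpha * len(self.vocab[dim])
                for feat, cnt in feats.items():
                    # Unseen features fall back to alpha / denom instead of zero probability.
                    score += cnt * log((table[feat] + self.alpha) / denom)
            scores[label] = score
        return scores

    def predict(self, seq):
        scores = self.log_posteriors(seq)
        return max(scores, key=scores.get)


def evaluate(model, data, malware_labels=("worm", "virus", "trojan")):
    """Per-class accuracy plus binary malware-vs-normal TPR, FPR, precision, recall and F-measure."""
    tp = fp = tn = fn = correct = 0
    for label, seq in data:
        pred = model.predict(seq)
        correct += pred == label
        actual_mal, pred_mal = label in malware_labels, pred in malware_labels
        if actual_mal and pred_mal:
            tp += 1
        elif actual_mal:
            fn += 1
        elif pred_mal:
            fp += 1
        else:
            tn += 1
    recall = tp / (tp + fn) if tp + fn else 0.0
    precision = tp / (tp + fp) if tp + fp else 0.0
    f_measure = 2 * precision * recall / (precision + recall) if precision + recall else 0.0
    return {
        "TPR": recall, "FPR": fp / (fp + tn) if fp + tn else 0.0,
        "precision": precision, "recall": recall,
        "f_measure": f_measure, "accuracy": correct / len(data),
    }


if __name__ == "__main__":
    clf = MultiDimNaiveBayes().fit(TRAIN)
    for label, seq in TEST:
        print(f"{label:>7} -> {clf.predict(seq)}")
    print(evaluate(clf, TEST))
```

Two design points carry over to real deployments: smoothing matters because a single API never seen for a class would otherwise zero out that class, and the false positive on the benign `FindFirstFileW`/`FindNextFileW` trace is exactly why the abstract reports FPR alongside accuracy; a detector tuned on accuracy alone over a malware-heavy dataset can look excellent while blocking legitimate file enumeration.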
