EFE: EFFICIENT FEATURE EXTRACTION ALGORITHM FOR DYNAMIC MALWARE ANALYSIS IN WINDOWS EXECUTABLES USING API CALL SEQUENCE

IJPT | Dec-2016 | Vol. 8 | Issue No. 4 | pp. 25373-25383 | ISSN: 0975-766X | CODEN: IJPTFI | Research Article | www.ijptonline.com

M. Asha Jerlin 1*, C. Jayakumar 2, Prabhu J. 3
1 VIT University, Tamil Nadu, India. 2 SVCE, Tamil Nadu, India. 3 VIT University, Tamil Nadu, India.
Email: *ashajerlin.m@vit.ac.in
Received on 25-10-2016. Accepted on 02-11-2016.

Abstract: Given the pace of technological advancement in networks and communicating devices, it is mandatory to have efficient mechanisms that detect malware before it corrupts an entire network or device. Researchers have adopted a variety of methodologies to detect malware using static, dynamic and hybrid approaches. The proposed EFE (Efficient Feature Extraction) algorithm provides an efficient way to detect malware in a dynamic environment using API call sequences. The findings show that the proposed EFE algorithm outperforms the other methods by providing a high detection rate when its output is classified using the SVM algorithm. It is also capable of detecting both known and unknown malware effectively.
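To make concrete what "extracting features from API call sequences" for an SVM classifier involves, the following is an added illustration (not the paper's EFE algorithm, whose internals are not on this page): each dynamic trace is turned into a set of API-call n-grams, the n-grams are ranked by information gain against the malicious/benign labels, and the top-ranked ones become a binary feature vector. The API traces and labels are constructed sample data, and the bigram/information-gain choice is an assumption made for the example.

```python
"""Added example: n-gram features from API call traces ranked by information gain.
The traces below are constructed sample data, not output of the paper's system."""
from collections import Counter
import math

# Constructed traces: (API call sequence, label) with 1 = malicious, 0 = benign.
TRACES = [
    (["CreateFile", "WriteFile", "CloseHandle", "RegSetValue", "CreateProcess"], 1),
    (["OpenProcess", "RegSetValue", "CreateProcess", "WriteFile", "CloseHandle"], 1),
    (["CreateFile", "ReadFile", "CloseHandle", "MessageBox"], 0),
    (["GetSystemTime", "CreateFile", "ReadFile", "CloseHandle"], 0),
]


def ngrams(seq, n):
    """Sliding-window n-grams over one API call sequence (order preserved)."""
    return [tuple(seq[i:i + n]) for i in range(len(seq) - n + 1)]


def entropy(labels):
    """Shannon entropy (bits) of a list of class labels."""
    total = len(labels)
    return -sum(c / total * math.log2(c / total) for c in Counter(labels).values())


def information_gain(feature, samples):
    """IG of a present/absent feature with respect to the sample labels."""
    labels = [y for _, y in samples]
    with_f = [y for x, y in samples if feature in x]
    without_f = [y for x, y in samples if feature not in x]
    n = len(samples)
    conditional = sum(len(g) / n * entropy(g) for g in (with_f, without_f) if g)
    return entropy(labels) - conditional


def extract_features(traces, n=2, top_k=4):
    """Rank all n-grams by information gain; keep top_k as the feature space.
    Returns (selected n-grams, one binary vector per trace), SVM-ready."""
    samples = [(set(ngrams(seq, n)), y) for seq, y in traces]
    vocab = set().union(*(x for x, _ in samples))
    # Sort by descending gain, then alphabetically so ties are deterministic.
    ranked = sorted(vocab, key=lambda f: (-information_gain(f, samples), f))
    selected = ranked[:top_k]
    vectors = [[int(f in x) for f in selected] for x, _ in samples]
    return selected, vectors


def vectorize(seq, selected, n=2):
    """Map a new, unseen trace onto the selected feature space."""
    present = set(ngrams(seq, n))
    return [int(f in present) for f in selected]
```

Bigrams that occur only in one class get the maximal gain of 1 bit here, while bigrams shared by every trace (for example a common CloseHandle call) get zero gain and are dropped, which is the pruning that keeps the feature space small.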
