Improvement of Malware Classification Using Hybrid Feature Engineering

Polymorphic malware has become a major threat to computer systems. The techniques used to produce it keep evolving, using increasingly sophisticated tactics to generate many new instances from existing malware. Current defences do not address this problem adequately: they are mostly signature based, but a changing malware body means a changing signature, so polymorphic variants evade detection easily. Classifying them into their respective families is also hard, which makes eliminating them harder still. In this paper, we propose a new feature engineering (NFE) approach for better classification of polymorphic malware, based on a hybrid of structural and behavioural features. We evaluate the approach using accuracy, recall, precision, and F score, and achieve a 12% improvement in accuracy between raw features and NFE features. We also demonstrate the robustness of NFE with respect to feature selection, compared with other feature selection techniques.
