Journal Article
A survey of malware behavior description and analysis
TLDR
This paper conducts a survey on malware behavior description and analysis considering three aspects: malware behavior description, behavior analysis methods, and visualization techniques.
Abstract:
Behavior-based malware analysis is an important technique for automatically analyzing and detecting malware, and it has received considerable attention from both academic and industrial communities. By considering how malware behaves, we can tackle the malware obfuscation problem, which cannot be processed by traditional static analysis approaches, and we can also derive the as-built behavior specifications and cover the entire behavior space of the malware samples. Although there have been several works focusing on malware behavior analysis, such research is far from mature, and no overviews have been put forward to date to investigate current developments and challenges. In this paper, we conduct a survey on malware behavior description and analysis considering three aspects: malware behavior description, behavior analysis methods, and visualization techniques. First, existing behavior data types and emerging techniques for malware behavior description are explored, especially the goals, principles, characteristics, and classifications of behavior analysis techniques proposed in the existing approaches. Second, the inadequacies and challenges in malware behavior analysis are summarized from different perspectives. Finally, several possible directions are discussed for future research.
Citations
Journal Article
A Survey of Crypto Ransomware Attack Detection Methodologies: An Evolving Outlook
TL;DR: The approaches and open issues pertaining to ransomware detection modeling are reviewed to establish recommendations for future research directions and scope; the focus is on crypto ransomware as the most prevalent, destructive, and challenging variation.
Journal Article
A multi-dimensional machine learning approach to predict advanced malware
TL;DR: A multi-dimensional machine learning approach to predict Stuxnet-like malware from a dataset that consists of malware samples, by using five distinguishing features of advanced malware and regression models to predict advanced malware.
Journal Article
Redundancy Coefficient Gradual Up-weighting-based Mutual Information Feature Selection technique for Crypto-ransomware early detection
Bander Ali Saleh Al-rimy, Mohd Aizaini Maarof, Mamoun Alazab, Syed Zainudeen Mohd Shaid, Fuad A. Ghaleb, Abdulmohsen Almalawi, Abdullah Marish Ali, Tawfik Al-Hadhrami
TL;DR: A novel redundancy coefficient gradual up-weighting approach was incorporated into the calculation of the redundancy term of mutual information to improve the feature selection process and enhance the accuracy of the detection model.
Proceedings Article
Methodology for Malware Classification using a Random Forest Classifier
Carlos Domenick Morales-Molina, Diego Santamaria-Guerrero, Gabriel Sanchez-Perez, Hector Perez-Meana, Aldo Hernandez-Suarez
TL;DR: This work proposes the use of an assembly classifier, better known as Random Forest, that improves the performance of other well-known algorithms by aggregating individual class predictions to combine into a final prediction.
Journal Article
An in-depth review of machine learning based Android malware detection
TL;DR: In this paper, the authors review past works that have used machine learning to detect Android malware, and organize them according to whether they use static, dynamic or hybrid features, and present a review of supervised, unsupervised, deep learning and online learning approaches.
References
Proceedings Article
Dissecting Android Malware: Characterization and Evolution
Yajin Zhou, Xuxian Jiang
TL;DR: Systematizing or characterizing existing Android malware from various aspects, including their installation methods, activation mechanisms, and the nature of carried malicious payloads, reveals that they are evolving rapidly to circumvent detection by existing mobile anti-virus software.
Proceedings Article
DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket.
TL;DR: DREBIN is proposed, a lightweight method for detection of Android malware that enables identifying malicious applications directly on the smartphone and outperforms several related approaches and detects 94% of the malware with few false alarms.
Proceedings Article
Adversarial machine learning
TL;DR: In this article, the authors discuss an emerging field of study: adversarial machine learning (AML), the study of effective machine learning techniques against an adversarial opponent, and give a taxonomy for classifying attacks against online machine learning algorithms.
Proceedings Article
Ether: malware analysis via hardware virtualization extensions
TL;DR: Ether, a transparent and external approach to malware analysis, is proposed, which is motivated by the intuition that for a malware analyzer to be transparent, it must not induce any side-effects that are unconditionally detectable by malware.
Journal Article
Adversarial Machine Learning
TL;DR: The author briefly introduces the emerging field of adversarial machine learning, in which opponents can cause traditional machine learning algorithms to behave poorly in security applications.