Volume 4, Issue 3, June 2015, Page: 44-48
Static Heuristics Classifiers as Pre-Filter for Malware Target Recognition (MATR)
Anuj Lohani, Dept. of Computer Science and Engineering, SRM University, NCR Campus, Modinagar, India
Aditi Lohani, Dept. of Computer Science and Engineering, SRM University, NCR Campus, Modinagar, India
Jitendra Singh, Dept. of Computer Science and Engineering, SRM University, NCR Campus, Modinagar, India
Manish Bhardwaj, Dept. of Computer Science and Engineering, SRM University, NCR Campus, Modinagar, India
Received: Mar. 18, 2015; Accepted: Apr. 6, 2015; Published: May 11, 2015
DOI: 10.11648/j.ajnc.20150403.14
Abstract
Nowadays malware is one of the major threats to computer information systems. Current malware detection technologies have significant limitations. Organizations that protect sensitive information may struggle to identify recent malware threats among millions and billions of benign executables using signature-based antivirus systems alone. Currently, organizations use signature-based antivirus products as their frontline defense against malware. In this ongoing project, we propose a detection approach that uses static heuristics in MATR to detect malware in PE (portable executable) files. The project suggests a larger performance-based malware target recognition architecture that at present uses only static heuristic features. Experimental results show that this architecture achieves an overall test accuracy of greater than 98% against a malware set collected from various operational environments, while most antivirus products provide a detection accuracy of only 60% at their most sensitive configuration [1]. Implementations of this architecture enable benign executables to be classified successfully to some extent, providing enhanced awareness to operators in hostile environments, and also enable detection of unknown malware. We show the performance of Bagging and AdaBoost ensembles.
Keywords
Malware, PE (Portable Executable), Bagging, AdaBoost (Adaptive Boosting)
To cite this article
Anuj Lohani, Aditi Lohani, Jitendra Singh, Manish Bhardwaj, Static Heuristics Classifiers as Pre-Filter for Malware Target Recognition (MATR), American Journal of Networks and Communications. Vol. 4, No. 3, 2015, pp. 44-48. doi: 10.11648/j.ajnc.20150403.14
References
[1] T. E. Dube, R. A. Raines, M. R. Grimaila, K. W. Bauer, S. K. Rogers, “Malware Target Recognition of Unknown Threats,” IEEE Systems Journal, 2013.
[2] P. Szor, “The Art of Computer Virus Research and Defense”, IN: Addison-Wesley, 2005.
[3] M. Schultz, E. Eskin, E. Zadok, and S. Stolfo, “Data mining methods for detection of new malicious executables,” in Proc. IEEE Symp. Security Privacy, May 2001, pp. 38–49.
[4] A. Moser, C. Kruegel, and E. Kirda, “Limits of static analysis for malware detection,” in Proc. ACSAC, 2007, pp. 421–430.
[5] M. Christodorescu, N. Kidd, and W.-H. Goh, “String analysis for x86 binaries,” ACM SIGSOFT Softw. Eng. Notes, vol. 31, no. 1, p. 95, 2006.
[6] N. Rafiq and Y. Mao, “Improving heuristics,” Virus Bull., pp. 9–12, Aug. 2008.
[7] S. Treadwell and M. Zhou, “A heuristic approach for detection of obfuscated malware,” in Proc. Intell. Security Inform., Jun. 2009, pp. 291–299.
[8] J. Bai, J. Wang, and G. Zou, “A Malware Detection Scheme Based on Mining Format Information,” The Scientific World Journal, vol. 2014, Article ID 260905, 11 pages.
[9] A. Shabtai, R. Moskovitch, Y. Elovici, and C. Glezer, “Detection of malicious code by applying machine learning classifiers on static features: a state-of-the-art survey,” Information Security Technical Report, vol. 14, no. 1, pp. 16–29, 2009.
[10] J. Z. Kolter and M. A. Maloof, “Learning to detect and classify malicious executables in the wild,” Journal of Machine Learning Research, vol. 7, pp. 2721–2744, 2006.
[11] J. O. Kephart and B. Arnold, “Automatic extraction of computer virus signatures,” in Proc. 4th Virus Bull. Int. Conf., 1994, pp. 178–184.
[12] W. Arnold and G. Tesauro, “Automatically generated Win32 heuristic virus detection,” in Proc. Virus Bull. Conf., Sep. 2000, pp. 51–60.
[13] G. Tesauro, J. Kephart, and G. Sorkin, “Neural networks for computer virus recognition,” IEEE Expert, vol. 11, no. 4, pp. 5–6, Aug. 1996.
[14] T. E. Dube, R. A. Raines, S. K. Rogers, “Malware Target Recognition,” United States Patent Application Publication [US 2012/0260342 A1], 2012.
[15] Symantec Corporation, “Understanding Heuristics: Symantec’s Bloodhound Technology,” Symantec White Paper Series, vol. XXXIV, no. 1, pp. 1–14, 1997.
[16] T. Dube, R. Raines, G. Peterson, K. Bauer, M. Grimaila, S. Rogers, “Malware target recognition via static heuristics,” Elsevier Computers & Security, vol. 31, pp. 137–147, 2012.
[17] VX Heavens. (2010, Apr. 15). Virus Collection [Online]. Available: vx.netlux.org/vl.php
[18] T. E. Dube, “A NOVEL MALWARE TARGET RECOGNITION ARCHITECTURE FOR ENHANCED CYBERSPACE SITUATION AWARENESS,” Air Force Institute of Technology, AFIT/DCE/ENG/11-07, September 2011.