Some malware is sophisticated, using polymorphic techniques such as self-mutation and emulation-based analysis evasion. Most anti-malware techniques are overwhelmed by polymorphic malware threats that self-mutate into different variants at every attack. This research aims to contribute to the detection of malicious code, especially polymorphic malware, by utilizing advanced static and advanced dynamic analyses to extract more informative key features of malware through code analysis, memory analysis and behavioral analysis. A correlation-based feature selection algorithm will be used to transform features, i.e. to filter and select optimal and relevant features. A machine learning technique called K-Nearest Neighbor (K-NN) will be used for classification and detection of polymorphic malware. Evaluation of results will be based on the following measurement metrics: True Positive Rate (TPR), False Positive Rate (FPR) and the overall detection accuracy of experiments.
%0 Journal Article
%1 masabo2017integrated
%A Masabo, Emmanuel
%A Kaawaase, Kyanda Swaib
%A Sansa-Otim, Julianne
%A Hanyurwimfura, Damien
%D 2017
%J International Journal of Computer Science and Security (IJCSS)
%K Analysis, Detection, Dynamic Learning Machine Malware Malware, Polymorphic Static
%N 2
%P 25-33
%T Integrated Feature Extraction Approach Towards Detection of Polymorphic Malware In Executable Files
%U http://www.cscjournals.org/library/manuscriptinfo.php?mc=IJCSS-1319
%V 11
%X Some malware are sophisticated with polymorphic techniques such as self-mutation and emulation based analysis evasion. Most anti-malware techniques are overwhelmed by the polymorphic malware threats that self-mutate with different variants at every attack. This research aims to contribute to the detection of malicious codes, especially polymorphic malware by utilizing advanced static and advanced dynamic analyses for extraction of more informative key features of a malware through code analysis, memory analysis and behavioral analysis. Correlation based feature selection algorithm will be used to transform features; i.e. filtering and selecting optimal and relevant features. A machine learning technique called K-Nearest Neighbor (K-NN) will be used for classification and detection of polymorphic malware. Evaluation of results will be based on the following measurement metrics-True Positive Rate (TPR), False Positive Rate (FPR) and the overall detection accuracy of experiments.
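@comment{masabo2017integrated: journal article proposing detection of
  polymorphic malware from features extracted by combined static and dynamic
  analysis (code, memory and behavioral analysis), followed by
  correlation-based feature selection and K-NN classification.
  The abstract is written in the future tense and states the evaluation
  metrics (TPR, FPR, accuracy) without reporting measured values, so consult
  the paper itself before citing it for detection performance.
  month uses the standard apr macro and pages uses a double-hyphen range so
  that the bibliography style controls their formatting. The keywords field
  is kept exactly as exported; its tag order looks scrambled by the export
  and should be verified against the publisher page.}
@article{masabo2017integrated,
  abstract = {Some malware are sophisticated with polymorphic techniques such as self-mutation and emulation based analysis evasion. Most anti-malware techniques are overwhelmed by the polymorphic malware threats that self-mutate with different variants at every attack. This research aims to contribute to the detection of malicious codes, especially polymorphic malware by utilizing advanced static and advanced dynamic analyses for extraction of more informative key features of a malware through code analysis, memory analysis and behavioral analysis. Correlation based feature selection algorithm will be used to transform features; i.e. filtering and selecting optimal and relevant features. A machine learning technique called K-Nearest Neighbor (K-NN) will be used for classification and detection of polymorphic malware. Evaluation of results will be based on the following measurement metrics-True Positive Rate (TPR), False Positive Rate (FPR) and the overall detection accuracy of experiments.},
  added-at = {2018-12-14T08:42:29.000+0100},
  author = {Masabo, Emmanuel and Kaawaase, Kyanda Swaib and Sansa-Otim, Julianne and Hanyurwimfura, Damien},
  biburl = {https://www.bibsonomy.org/bibtex/2fd6830f9c1050d83b759e525c7f4fd43/cscjournals},
  interhash = {d02fd216761a69278493a6be9a0c28ee},
  intrahash = {fd6830f9c1050d83b759e525c7f4fd43},
  issn = {1985-1553},
  journal = {International Journal of Computer Science and Security (IJCSS)},
  keywords = {Analysis, Detection, Dynamic Learning Machine Malware Malware, Polymorphic Static},
  language = {English},
  month = apr,
  number = 2,
  pages = {25--33},
  timestamp = {2018-12-14T08:42:29.000+0100},
  title = {Integrated Feature Extraction Approach Towards Detection of Polymorphic Malware In Executable Files},
  url = {http://www.cscjournals.org/library/manuscriptinfo.php?mc=IJCSS-1319},
  volume = 11,
  year = 2017
}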