Detecting malicious code based on static analysis combined with machine learning algorithms
1902 viewsDOI:
https://doi.org/10.54939/1859-1043.j.mst.90.2023.134-139Keywords:
Malware; Malware detection; Static analysis; Machine learning algorithms; Abnormal behavior.Abstract
The technique of spreading malicious code through users and then escalating it into the system is increasingly favored by many attackers. Therefore, to detect malicious code, the approach of behavior-based malware detection with the support of machine learning algorithms has proven to be highly effective. On the other hand, in practice, attackers often employ various methods and techniques to conceal the characteristics of malicious code based on the Portable Executable File Format (PE File). This has posed significant challenges for the detection of malware by monitoring systems. For these reasons, in this article, we propose a method for detecting malicious code based on static analysis of PE Files using machine learning algorithms.
References
[1]. Daniel Gibert, Carles Mateu, Jordi Planes. “The rise of machine learning for detection and classification of malware: Research developments, trends and challenges”. Journal of Network and Computer Applications. vol. 153. pp 1-22, (2020).
[2]. Ucci, Daniele & Aniello, Leonardo. “Survey on the Usage of Machine Learning Techniques for Malware Analysis”. Computers & Security. 81. 10.1016/j.cose.2018.11.001, (2017).
[3]. Sanjay Sharma, C. Rama Krishna, Sanjay K. Sahay. “Detection of Advanced Malware by Machine Learning Techniques”. arXiv:1903.02966. (2019).
[4]. Alireza Souri, Rahil Hosseini. “A state-of-the-art survey of malware detection approaches using data mining techniques”. Human-centric Computing and Information Sciences 8(1):1-22.
[5]. Kaspersky-Lab. “Machine Learning Methods for Malware Detection”. (2020).
[6]. R. Islam, R. Tian, L. M. Batten, S. Versteeg, “Classification of malware based on integrated static and dynamic features”, Journal of Network and Computer Applications 36 (2) 646–656, (2013).
[7]. C.-T. Lin, N.-J. Wang, H. Xiao, C. Eckert, “Feature selection and extraction for malware classification”, Journal of Information Science and Engineering 31 (3) 965–992, (2015).
[8]. A. Mohaisen, O. Alrawi, M. Mohaisen, Amal: “High-fidelity, behavior-based automated malware analysis and classification”, Computers & Security 52, 251–266, (2015).
[9]. S. Palahan, D. Babi´c, S. Chaudhuri, D. Kifer, “Extraction of statistically significant malware behaviors”, in: Computer Security Applications Conference, ACM, pp. 69–78, (2013).
[10]. Gavrilut, Dragos, M. Cimpoesu, D. Anton, L. Ciortuz. “Malware Detection Using Machine Learning”. The International Multiconference on Computer Science and Information Technology, (2009).
[11]. Priyank Singhal, Nataasha Raul. “Malware Detection Module using Machine Learning Algorithms to Assist in Centralized Security in Enterprise Networks”, (2015).
[12]. Baldangombo Usukhbayar, Nyamjav Jambaljav, Shi-Jinn Horng. “A Static Malware Detection System Using Data Mining Methods”. Cornell University, (2013).
[13]. Alazab, Mamoun, Sitalakshmi Venkatraman, Paul Watters, and Moutaz Alazab. “Zero-day Malware Detection based on Supervised Learning Algorithms of API call Signatures”. Proceedings of the 9-th Australasian Data Mining Conference, 171-181, (2011).
[14]. Nakajima, Tatsuo & Ishikawa, Hiroo & Kinebuchi, Yuki & Sugaya, Midori & Lei, Sun & Courbot, Alexandre & Zee, Andrej & Aalto, Aleksi & Duk, Kwon. “An Operating System Architecture for Future Information Appliances”. 292-303. (2008). 10.1007/978-3-540-87785-1_26.
[15]. C. Corinna, V. Vladimir. “Support-vector networks. Machine Learning”. Vol 20, pp. 273-297, (1995).
[16]. S.S. Shai, B.D. Shai. “Understanding Machine Learning: From Theory to Algorithms”. Cambridge University Press, (2014).
[17]. JohnShawe-Taylor, ShiliangSun. “Kernel Methods and Support Vector Machines”. Academic Press Library in Signal Processing Vol 1, pp. 857-881, (2014).
[18]. Leo Breiman. “Random Forests”. Machine Learning. vol. 45, Issue 1, pp 5–32. (2001).
[19]. How to create a malware detection system with machine learning. https://www.evilsocket.net/2019/05/22/How-to-create-a-Malware-detection-system-with-MachineLearning/?fbclid=IwAR1vuaOJA3UryaQATPsqKErktLft2RtzzAB5kDvgOTo4U3dF4J-Op9teokQ