Open Access   Article Go Back

Polymorphic Malware in Executable Files and the Approaches towards their Detection and Extraction

Faiz Baothman1 , Muzammil H Mohammed2

  1. Dept. of Computer Science, College of Computers and Information Technology (Taif University), Taif, Saudi Arabia.
  2. Dept. of Information Technology, College of Computers and Information Technology, (Taif University), Taif, Saudi Arabia.

Correspondence should be addressed to: m.muzammil@tu.edu.sa .

Section:Research Paper, Product Type: Journal Paper
Volume-6 , Issue-2 , Page no. 12-17, Feb-2018

CrossRef-DOI:   https://doi.org/10.26438/ijcse/v6i2.1217

Online published on Feb 28, 2018

Copyright © Faiz Baothman, Muzammil H Mohammed . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

View this paper at   Google Scholar | DPI Digital Library

XML View
PDF Download

How to Cite this Paper

  • IEEE Citation
  • MLA Citation
  • APA Citation
  • BibTex Citation
  • RIS Citation

IEEE Style Citation: Faiz Baothman, Muzammil H Mohammed, “Polymorphic Malware in Executable Files and the Approaches towards their Detection and Extraction,” International Journal of Computer Sciences and Engineering, Vol.6, Issue.2, pp.12-17, 2018.

MLA Style Citation: Faiz Baothman, Muzammil H Mohammed "Polymorphic Malware in Executable Files and the Approaches towards their Detection and Extraction." International Journal of Computer Sciences and Engineering 6.2 (2018): 12-17.

APA Style Citation: Faiz Baothman, Muzammil H Mohammed, (2018). Polymorphic Malware in Executable Files and the Approaches towards their Detection and Extraction. International Journal of Computer Sciences and Engineering, 6(2), 12-17.

BibTex Style Citation:
@article{Baothman_2018,
author = {Faiz Baothman, Muzammil H Mohammed},
title = {Polymorphic Malware in Executable Files and the Approaches towards their Detection and Extraction},
journal = {International Journal of Computer Sciences and Engineering},
issue_date = {2 2018},
volume = {6},
Issue = {2},
month = {2},
year = {2018},
issn = {2347-2693},
pages = {12-17},
url = {https://www.ijcseonline.org/full_paper_view.php?paper_id=1696},
doi = {https://doi.org/10.26438/ijcse/v6i2.1217}
publisher = {IJCSE, Indore, INDIA},
}

RIS Style Citation:
TY - JOUR
DO = {https://doi.org/10.26438/ijcse/v6i2.1217}
UR - https://www.ijcseonline.org/full_paper_view.php?paper_id=1696
TI - Polymorphic Malware in Executable Files and the Approaches towards their Detection and Extraction
T2 - International Journal of Computer Sciences and Engineering
AU - Faiz Baothman, Muzammil H Mohammed
PY - 2018
DA - 2018/02/28
PB - IJCSE, Indore, INDIA
SP - 12-17
IS - 2
VL - 6
SN - 2347-2693
ER -

VIEWS PDF XML
1255 785 downloads 428 downloads
  
  
           

Abstract

The malwares which are present with subtle with polymorphic techniques like self-mutation and emulation based mostly analysis evasion. Most anti-malware techniques are engulfed by the polymorphic malware threats that self-mutate with completely different variants at each attack. This analysis aims to contribute to the detection of malicious codes, particularly polymorphic malware by utilizing advanced static and advanced dynamic analysis for extraction of a lot of informative key options of a malware through code analysis, memory analysis and activity analysis. Correlation based mostly feature choice rules are rework features; i.e. filtering and choosing best and relevant options. A machine learning technique known as K-Nearest Neighbor (K-NN) are used for classification and detection of polymorphic malware analysis, results are supported the subsequent measuring metrics— True Positive Rate (TPR), False Positive Rate (FPR) and therefore the overall detection accuracy of experiments.

Key-Words / Index Term

Malware Detection, Static Analysis, Dynamic Analysis, Polymorphic Malware, Machine Learning

References

[1] Lavasoft, “Detecting Polymorphic Malware.” [Online]. Available: http://www.lavasoft.com/mylavasoft/securitycenter/whitepapers/detecting-polymorphic-malware. [Accessed: 01-Sep-2016].
[3] A. Sharma and S. K. Sahay, “Evolution and Detection of Polymorphic and Metamorphic Malwares: A Survey,” International Journal of Computer Applications, vol. 90, no. 2, pp. 7–11, 2014.
[4] S. K. Pandey and B. M. Mehtre, “A lifecycle based approach for malware analysis,” Proceedings - 2014 4th International Conference on Communication Systems and Network Technologies, CSNT 2014, pp. 767–771, 2014.
[5] Y. Prayudi and S. Yusirwan, “the Recognize of Malware Characteristics Through Static and Dynamic Analysis Approach As an Effort To Prevent Cybercrime Activities,” Journal of Theoretical and Applied Information Technology (JATIT), vol. 77, no. xx, pp. 438–445, 2015.
[6] M. Sikorski and A. Honig, Practical Malware analysis: The hands-on guide to dissecting malicious software. San Francisco: No Starch Press, Inc., 2012.
[7] M. Ahmadi, A. Sami, H. Rahimi, and B. Yadegari, “Malware detection by behavioural sequential patterns,” Computer Fraud & Security, vol. 2013, no. 8, pp. 11–19, 2013.
[8] S. Kumar, C. Rama Krishna, N. Aggarwal, R. Sehgal, and S. Chamotra, “Malicious data classification using structural information and behavioral specifications in executables,” 2014 Recent Advances in Engineering and Computational Sciences, RAECS 2014, pp. 1–6, 2014.
[9] S. Cesare, Y. Xiang, and W. Zhou, “Malwise-an effective and efficient classification system for packed and polymorphic malware,” IEEE Transactions on Computers, vol. 62, no. 6, pp. 1193–1206, 2013.
[10] D. Arish and M. Singh, “Behavior Analysis of Malware Using Machine Learning,” in Contemporary Computing (IC3), 2015 Eighth International Conference on, 2015, pp. 481–486.
[11] G. Liang, J. Pang, and C. Dai, “A Behavior-Based Malware Variant Classification Technique,” International Journal of Information and Education Technology, vol. 6, no. 4, pp. 291–295, 2016.
[12] V. Naidu and A. Narayanan, “Needleman-Wunsch and Smith-Waterman Algorithms for Identifying Viral Polymorphic Malware Variants,” 2016 IEEE 14th Intl Conf on Dependable, Autonomic and Secure Computing, 14th Intl Conf on Pervasive Intelligence and Computing, 2nd Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress (DASC/PiCom/DataCom/CyberSciTech), no. August, pp. 326–333, 2016.
[13] M. Ahmadi, A. Sami, H. Rahimi, and B. Yadegari, “Malware detection by behavioural sequential patterns,” Computer Fraud and Security, vol. 2013, no. 8, pp. 11–19, 2013.
[14] P. M. Comar, L. Liu, S. Saha, P. N. Tan, and A. Nucci, “Combining supervised and unsupervised learning for zero-day malware detection,” Proceedings - IEEE INFOCOM, pp. 2022–2030, 2013.
[15] J. Park, S. Choi, and D. Y. Kim, “Malware Analysis and Classification: A Survey,” Lecture Notes in Electrical Engineering, vol. 215, no. April, pp. 449–457, 2013.
[16] L. Zeltser, “Malware sample sources for researchers.” [Online]. Available: https://zeltser.com/malware-sample-sources. [Accessed: 28-Feb-2016].
[17] Emmanuel Masabo Makerere ,Kyanda Swaib Kaawaase, Julianne Sansa-Otim Makerere University, Kampala, Uganda Damien Hanyurwimfura University of Rwanda, Kigali, Rwanda
[18] V. Kumar and S. Minz, “Feature Selection: A literature Review,” Smart Computing Review, vol. 4, no. 3, pp. 211–229, 2014.
[19] A. Azab, R. Layton, M. Alazab, and J. Oliver, “Mining malware to detect variants,” Proceedings - 5th Cybercrime and Trustworthy Computing Conference, CTC 2014, pp. 44–53, 2015.