Abstract
The rapidly increasing malware threats must be met with new, effective malware detection methodologies. Current malware threats are not limited to daily personal transactions but dwell deeply within large enterprises and organizations. This paper introduces a new methodology for detecting malicious applications and discriminating them from normal ones. We employed ant colony optimization to generate two behavioral graphs that characterize the difference in execution behavior between malware and normal applications. Our proposed approach relied on the API call sequence generated when an application is executed; we used API calls because they are among the most widely used features in dynamic malware analysis. Our proposed method showed distinctive behavioral differences between malicious and non-malicious applications. Our experimental results showed performance comparable to other machine learning methods. Therefore, our method can be employed as an efficient technique for capturing malicious applications.
Original language | English |
---|---|
Title of host publication | MIUCC 2022 - 2nd International Mobile, Intelligent, and Ubiquitous Computing Conference |
Editors | Ayman Bahaa-Eldin, Ashraf AbdelRaouf, Nada Shorim, Samira Refaat, Shereen Essam Elbohy |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Pages | 27-32 |
Number of pages | 6 |
ISBN (Electronic) | 9781665466776 |
ISBN (Print) | 9781665466783 |
DOIs | |
Publication status | Published - 1 Jun 2022 |
Event | 2nd International Mobile, Intelligent, and Ubiquitous Computing Conference, MIUCC 2022 - Cairo, Egypt. Duration: 8 May 2022 → 9 May 2022 |
Conference
Conference | 2nd International Mobile, Intelligent, and Ubiquitous Computing Conference, MIUCC 2022 |
---|---|
Country/Territory | Egypt |
City | Cairo |
Period | 8/05/22 → 9/05/22 |
Keywords
- Ant Colony
- API calling sequence
- Dynamic Analysis
- Word Embedding