Abstract
Recently, malware threats have evolved to become the most prominent cyber security threats. Because of obfuscation and evasion techniques, malware has become more sophisticated: multiple variants represent the same malware function and rapidly evade existing detection approaches. Current solutions extract the entire data without considering the unrepresentative data produced by evasive malware when it recognizes that it is being executed in a controlled environment. In addition, obfuscation techniques such as dead code insertion and instruction reordering aim to produce irrelevant data, so previous approaches based on the names, frequencies, and sequences of the extracted data suffer from a low detection rate. To this end, this paper proposes a framework for building an effective early malware detection model that can protect systems and data from evasive malware attacks. A predetermined list of evasion techniques is used to extract the data most representative of malware behaviors. The Pearson correlation coefficient (r) method is proposed to calculate the correlation between the extracted data to overcome the problem of irrelevant data.
Original language | English |
---|---|
Title of host publication | 2021 International Conference on Data Science and Its Applications, ICoDSA 2021 |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Pages | 181-186 |
Number of pages | 6 |
ISBN (Electronic) | 9781665443036 |
ISBN (Print) | 9781665443043 |
Publication status | Published - 3 Dec 2021 |
Event | 2021 International Conference on Data Science and Its Applications, ICoDSA 2021 - Bandung, Indonesia Duration: 5 Aug 2021 → 6 Aug 2021 |
Conference
Conference | 2021 International Conference on Data Science and Its Applications, ICoDSA 2021 |
---|---|
Country/Territory | Indonesia |
City | Bandung |
Period | 5/08/21 → 6/08/21 |
Keywords
- evasive malware
- feature extraction
- malware analysis
- malware detection and classification
- obfuscation