Abstract

Detection of malicious software (malware) continues to be a problem as hackers devise new ways to evade available methods. The proliferation of malware and malware variants requires new advanced methods to detect them. This paper proposes a method to construct a common behavioral graph representing the execution behavior of a family of malware instances. The method generates one common behavioral graph by clustering a set of individual behavioral graphs, which represent kernel objects and their attributes based on system call traces. The resulting common behavioral graph has a common path, called HotPath, which is observed in all the malware instances in the same family. The proposed method shows high detection rates and false positive rates close to 0%. The derived common behavioral graph is highly scalable regardless of new instances added. It is also robust against system call attacks.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Deriving common malware behavior through graph clustering
Younghee Park ... Douglas Reeves
-
Younghee Park, et. al.Younghee Park ... Douglas Reeves
22 Mar 2011
Influence of Monoenergetic Images at Different Energy Levels in Dual-Energy Spectral CT on the Accuracy of Computer-Aided Detection for Pulmonary Embolism
Guangming Ma ... Chenwang Jin
Academic Radiology | VOL. 26
Guangming Ma, et. al.Guangming Ma ... Chenwang Jin
22 Feb 2019
Anomaly detection for resilience in cloud computing infrastructures
-
01 Jan 2017
Minimal contrast frequent pattern mining for malware detection
Aya Hellal ... Lotfi Ben Romdhane
Computers & Security | VOL. 62
Aya Hellal, et. al.Aya Hellal ... Lotfi Ben Romdhane
28 Jun 2016
View more papers

More From: Computers & Security

Paper Title
Journal
Date
Author
Hybrid feature extraction and integrated deep learning for cloud-based malware detection
Pham Sy Nguyen ... Hoang Viet Long
Computers & Security | VOL. -
Pham Sy Nguyen, et. al.Pham Sy Nguyen ... Hoang Viet Long
01 Dec 2024
Sensor attack online classification for UAVs using machine learning
Xiaomin Wei ... Jianfeng Ma
Computers & Security | VOL. -
Xiaomin Wei, et. al.Xiaomin Wei ... Jianfeng Ma
01 Dec 2024
RanSMAP: Open dataset of Ransomware Storage and Memory Access Patterns for creating deep learning based ransomware detectors
Manabu Hirano ... Ryotaro Kobayashi
Computers & Security | VOL. -
Manabu Hirano, et. al.Manabu Hirano ... Ryotaro Kobayashi
01 Nov 2024
Assessing of Software Security Reliability: Dimensional Security Assurance Techniques
Mohammad Ali ... Rifat Hossain
Computers & Security | VOL. -
Mohammad Ali, et. al.Mohammad Ali ... Rifat Hossain
01 Nov 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.