Exploiting And Estimating Malware Using Feature Impact Derived From API Call Sequence Learning

Abstract

Malware is a serious threat being posed and it has been a continuous process of protecting the systems from existing and new malware variants by defining new approaches for malware detection .In this process malware samples are first analyzed to understand the behavior of the vulnerable samples and accordingly statistical methods are defined for malware detection. Many approaches are defined for understanding the behavior of malware executables which are broadly classified in to static and dynamic assessments. The static analysis can only be used for identifying the existing types of malware but code obfuscation has made it complex to identify the variants of existing malware. To counter the code obfuscation the dynamic analysis of malware is prioritized over static analysis where the malwares are analyzed by running them in an emulated environment to understand the intent of the samples. As there is an acute need of developing a more precise and accurate approach for malware detection, this paper contributes in the above said direction where we proposed a novel measure to estimate malware by exploiting the malicious intent of executables. It is a machine learning approach where the knowledge is acquired from the existing malicious executable and the same knowledge is used to estimate the new variants of the existing malware. The proposed statistical approach can be used to improve the scalability, accuracy and robustness. It also defends against zero day exploits.