Abstract

Malware pose a serious threat to the computers of individuals, enterprises and other organizations. In the Windows operating system (OS), Application Programming Interface (API) calls are an attractive and distinguishable feature for malware analysis and detection as they can properly reflect the actions of portable executable (PE) files. In this paper, we propose MalSPM, an intelligent malware detection system based on sequential pattern mining (SPM) for the analysis and classification of malware behavior during executions. A dataset that contains sequences of API calls made by different malware on Windows OS is abstracted into a suitable format. SPM algorithms are first used on the corpus to find frequent API calls and their patterns. Moreover, sequential rules between API calls patterns as well as maximal and closed frequent API calls patterns are discovered. Obtained frequent patterns are then used for the classification of different malware. Seven classifiers are used and their performance is compared by using various metrics. Moreover, the performance of MalSPM is compared with existing state-of-the-art malware detection approaches and obtained results show that MalSPM outperforms these approaches.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Metamorphic Malware Behavior Analysis Using Sequential Pattern Mining
M Saqib Nawaz ... M Zohaib Nawaz
-
M Saqib Nawaz, et. al.M Saqib Nawaz ... M Zohaib Nawaz
01 Jan 2020
A Multi-View attention-based deep learning framework for malware detection in smart healthcare systems
Vinayakumar Ravi ... Rajasekhar Chaganti
Computer Communications | VOL. 195
Vinayakumar Ravi, et. al.Vinayakumar Ravi ... Rajasekhar Chaganti
19 Aug 2022
Deep Neural Networks for Automatic Android Malware Detection
Shifu Hou ... Thirimachos Bourlai
-
Shifu Hou, et. al.Shifu Hou ... Thirimachos Bourlai
31 Jul 2017
Intelligent Hybrid Approach for Android Malware Detection based on Permissions and API Calls
Altyeb Altaher ... Omar Mohammed
International Journal of Advanced Computer Science and Applications | VOL. 8
Altyeb Altaher, et. al.Altyeb Altaher ... Omar Mohammed
01 Jan 2017
View more papers

More From: Computers & Security

Paper Title
Journal
Date
Author
Navigating Challenging Terrain Surrounding DoD Response to Homeland Attacks on Critical Infrastructure: Case Studies of Prior Incidents Utilizing an Extended Taxonomy of Cyber Harms
Louis Nolan ... Deanna House
Computers & Security | VOL. -
Louis Nolan, et. al.Louis Nolan ... Deanna House
01 Nov 2024
Covert timing channel detection based on isolated binary trees
Yuwei Lin ... Xiaolong Zhuang
Computers & Security | VOL. -
Yuwei Lin, et. al.Yuwei Lin ... Xiaolong Zhuang
01 Nov 2024
RanSMAP: Open dataset of Ransomware Storage and Memory Access Patterns for creating deep learning based ransomware detectors
Manabu Hirano ... Ryotaro Kobayashi
Computers & Security | VOL. -
Manabu Hirano, et. al.Manabu Hirano ... Ryotaro Kobayashi
01 Nov 2024
Trust my IDS: An explainable AI integrated deep learning-based transparent threat detection system for industrial networks
Shifa Shoukat ... Muhammad Adil
Computers & Security | VOL. -
Shifa Shoukat, et. al.Shifa Shoukat ... Muhammad Adil
01 Nov 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.