Abstract

Metamorphic malware modifies its code structure using a morphing engine to evade traditional signature-based detection. Previous research has shown the use of opcode instructions as feature representation with Hidden Markov Model in the context of metamorphic malware detection. However, it would be more feasible to extract a file feature at fine-grained level. In this paper, we propose a novel detection approach by generating structural features through computing a stream of byte chunks using compression ratio, entropy, Jaccard similarity coefficient and Chi-square statistic test. Nonnegative Matrix Factorization is also considered to reduce the feature dimensions. We then use the coefficient vectors from the reduced space to train Hidden Markov Model. Experimental results show there is different performance between malware detection and classification among the proposed structural features.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Structural features with nonnegative matrix factorization for metamorphic malware detection
Yeong Tyng Ling ... Nor Asilah Wati Abdul Hamid
Computers & Security | VOL. 104
Yeong Tyng Ling, et. al.Yeong Tyng Ling ... Nor Asilah Wati Abdul Hamid
12 Feb 2021
A Survey on Metamorphic Malware Detection based on Hidden Markov Model
Satheesh Kumar Sasidharan ... Ciza Thomas
-
Satheesh Kumar Sasidharan, et. al.Satheesh Kumar Sasidharan ... Ciza Thomas
01 Sep 2018
Detection of Metamorphic Malware based on HMM: A Hierarchical Approach
Mina Gharacheh ... Seyed Mehdi Hazrati Fard
International Journal of Intelligent Systems and Applications | VOL. 8
Mina Gharacheh, et. al.Mina Gharacheh ... Seyed Mehdi Hazrati Fard
08 Apr 2016
Nonnegative matrix factorization and metamorphic malware detection
Yeong Tyng Ling ... Nor Fazlida Mohd Sani
Journal of Computer Virology and Hacking Techniques | VOL. 15
Yeong Tyng Ling, et. al.Yeong Tyng Ling ... Nor Fazlida Mohd Sani
26 Apr 2019
View more papers

More From: Journal of Computer Virology and Hacking Techniques

Paper Title
Journal
Date
Author
Experts still needed: boosting long-term android malware detection with active learning
Alejandro Guerra-Manzanares ... Hayretdin Bahsi
Journal of Computer Virology and Hacking Techniques | VOL. 20
Alejandro Guerra-Manzanares, et. al.Alejandro Guerra-Manzanares ... Hayretdin Bahsi
03 Oct 2024
Reducing overdefined systems of polynomial equations derived from small scale variants of the AES via data mining methods
Jana Berušková ... Olha Jurečková
Journal of Computer Virology and Hacking Techniques | VOL. 20
Jana Berušková, et. al.Jana Berušková ... Olha Jurečková
30 Sep 2024
The editorial for special issue “Russian Research in Artificial Intelligence for Cybersecurity” of Journal of Computer Virology and Hacking Techniques (JICV) highlights the studies of Russian researchers in the field of artificial intelligence to ensure cybersecurity
Ekaterina Pleshakova ... Alisa Koreneva
Journal of Computer Virology and Hacking Techniques | VOL. 20
Ekaterina Pleshakova, et. al.Ekaterina Pleshakova ... Alisa Koreneva
27 Sep 2024
RansomGuard: a framework for proactive detection and mitigation of cryptographic windows ransomware
M Adnan Alvi ... Zunera Jalil
Journal of Computer Virology and Hacking Techniques | VOL. 20
M Adnan Alvi, et. al.M Adnan Alvi ... Zunera Jalil
27 Sep 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.