Title:  DLLMiner: structural mining for malware detection
Internal authors: 
Issue Date:  2015
Abstract:  Existing anti-malware products usually use signature-based techniques as their main detection engine. Although these methods are very fast, they are unable to provide effective protection against newly discovered malware or mutated variant of old malware. Heuristic approaches are the next generation of detection techniques to mitigate the problem. These approaches aim to improve the detection rate by extracting more behavioral characteristics of malware. Although these approaches cover the disadvantages of signature-based techniques, they usually have a high false positive, and evasion is still possible from these approaches. In this paper, we propose an effective and efficient heuristic technique based on static analysis that not only detect malware with a very high accuracy, but also is robust against common evasion techniques such as junk injection and packing. Our proposed system is able to extract behavioral features from a unique structure in portable executable, which is called dynamic-link library dependency tree, without actually executing the application.
URI:  http://hdl.handle.net/11584/122257
Type: 1.1 Articolo in rivista

Files in This Item:
File Description Type License  
Narouei_et_al-2015-Security_and_Communication_Networks.pdf  versione editoriale Administrator    Request a copy

Questionnaire and social

Share on: