Titolo:  DLLMiner: structural mining for malware detection
Autori: 
Data di pubblicazione:  2015
Rivista: 
SECURITY AND COMMUNICATION NETWORKS  
Abstract:  Existing anti-malware products usually use signature-based techniques as their main detection engine. Although these methods are very fast, they are unable to provide effective protection against newly discovered malware or mutated variant of old malware. Heuristic approaches are the next generation of detection techniques to mitigate the problem. These approaches aim to improve the detection rate by extracting more behavioral characteristics of malware. Although these approaches cover the disadvantages of signature-based techniques, they usually have a high false positive, and evasion is still possible from these approaches. In this paper, we propose an effective and efficient heuristic technique based on static analysis that not only detect malware with a very high accuracy, but also is robust against common evasion techniques such as junk injection and packing. Our proposed system is able to extract behavioral features from a unique structure in portable executable, which is called dynamic-link library dependency tree, without actually executing the application.
Handle:  http://hdl.handle.net/11584/122257
Tipologia: 1.1 Articolo in rivista

File in questo prodotto:
File Descrizione Tipologia Licenza  
Narouei_et_al-2015-Security_and_Communication_Networks.pdf  versione editoriale Administrator   Richiedi una copia

Questionario e social

Condividi su: