کد مقاله | کد نشریه | سال انتشار | مقاله انگلیسی | نسخه تمام متن |
---|---|---|---|---|
6854730 | 1437594 | 2018 | 19 صفحه PDF | دانلود رایگان |
عنوان انگلیسی مقاله ISI
G3MD: Mining frequent opcode sub-graphs for metamorphic malware detection of existing families
دانلود مقاله + سفارش ترجمه
دانلود مقاله ISI انگلیسی
رایگان برای ایرانیان
کلمات کلیدی
موضوعات مرتبط
مهندسی و علوم پایه
مهندسی کامپیوتر
هوش مصنوعی
پیش نمایش صفحه اول مقاله

چکیده انگلیسی
Attackers leverage various obfuscation techniques to create a metamorphic malware that can evade from detection by anti-malwares. To defeat, we propose Graph Mining for Metamorphic Malware Detection (G3MD), an intelligent system for static detection of metamorphic malwares. G3MD demonstrates one of the many aspects of what the current generation of machine-learning techniques and expert systems can do. It extends what is known about practical application of machine-learning techniques in the field of information security. It is intended to alleviate the burden of human experts and underlying costs. The novelty of G3MD is to apply graph mining on the opcode graphs of a metamorphic family of malwares to extract the frequent sub-graphs, so called micro-signatures. Based on these sub-graphs, a classifier is trained to distinguish between a benign file and a metamorphic malware. We conducted experiments on four families of metamorphic malwares common in previous studies, namely Next Generation Virus Generation Kit (NGVCK), Second Generation Virus Generator (G2), and Mass Produced Code Generation Kit (MPCGEN) viruses and Metamorphic Worm (MWOR) worms. The precision (over 99% in most cases) of metamorphic malware detection by the proposed approach corroborates its effectiveness over other existing approaches.
ناشر
Database: Elsevier - ScienceDirect (ساینس دایرکت)
Journal: Expert Systems with Applications - Volume 112, 1 December 2018, Pages 15-33
Journal: Expert Systems with Applications - Volume 112, 1 December 2018, Pages 15-33
نویسندگان
Alireza Khalilian, Amir Nourazar, Mojtaba Vahidi-Asl, Hassan Haghighi,