Malware Detection Based on Hybrid Signature Behaviour Application Programming Interface Call Graph
- 1 Information Assurance and Security Research Group, Faculty of Computer Science and Information Systems, University Technology, Malaysia
Abstract
Problem statement: A malware is a program that has malicious intent. Nowadays, malware authors apply several sophisticated techniques such as packing and obfuscation to avoid malware detection. That makes zero-day attacks and false positives the most challenging problems in the malware detection field. Approach: In this study, the static and dynamic analysis techniques that are used in malware detection are surveyed. Static analysis techniques, dynamic analysis techniques and their combination including Signature-Based and Behaviour-Based techniques are discussed. Results: In addition, a new malware detection framework is proposed. Conclusion: The proposed framework combines Signature-Based with Behaviour-Based using API graph system. The goal of the proposed framework is to improve accuracy and scan process time for malware detection.
DOI: https://doi.org/10.3844/ajassp.2012.283.288
Copyright: © 2012 Ammar Ahmed E. Elhadi, Mohd Aizaini Maarof and Ahmed Hamza Osman. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
- 4,954 Views
- 7,244 Downloads
- 92 Citations
Download
Keywords
- Malware detection
- API call graph
- framework