Dynamic Innate Immune System Model for Malware Detection

M. Ali, M. A. Maarof

2013 International Conference on IT Convergence and Security (ICITCS), published 2013-12-01
DOI: https://doi.org/10.1109/ICITCS.2013.6717828
Citations: 3

Abstract

Malware, short for malicious software, has become a major threat to the massive amount of data transmitted through the internet and to the systems holding that data. Malware detection is the process of identifying a malicious behavior or object as malware. Many methods are used for detection, and they vary depending on the process used by the detector (antivirus or anti-malware is the commercial name for detectors): signature-based, behavior-based and specification-based. Increasing detection accuracy has been the main goal of researchers in the last decade. In this paper we introduce a dynamic malware detection model that applies the innate immune system to improve detection accuracy. The proposed model is applied to the portable executable file representation by extracting API call logs from a newly installed Windows environment, owing to the wide spread of this type of file across different platforms. The results of the experiments show better detection accuracy of the proposed model for known malware and promising improvement on new unknown malware and polymorphic malware.