基于API调用转换矩阵的恶意软件检测方法

2018 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS) Pub Date : 2018-12-01 DOI:10.1109/ANTS.2018.8710081

V. M. Sruthi, B. Thanudas, S. Sreelal, Abhishek Chakraborty, B. S. Manoj

{"title":"基于API调用转换矩阵的恶意软件检测方法","authors":"V. M. Sruthi, B. Thanudas, S. Sreelal, Abhishek Chakraborty, B. S. Manoj","doi":"10.1109/ANTS.2018.8710081","DOIUrl":null,"url":null,"abstract":"Traditional malware detection techniques, such as signature-based detection and traditional antivirus software, are not beneficial for detecting many recent malware threats. In this paper, we propose a novel malware detection technique, API call transition matrix-based malware detection (ACTM), that efficiently detects malware based on their runtime behavior. We find that the ACTM technique performs better and detects malware with approximately 95.23% accuracy. ACTM can find applications in designing real-time malware detection when an enterprise network security system is concerned.","PeriodicalId":273443,"journal":{"name":"2018 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"ACTM: API Call Transition Matrix-based Malware Detection Method\",\"authors\":\"V. M. Sruthi, B. Thanudas, S. Sreelal, Abhishek Chakraborty, B. S. Manoj\",\"doi\":\"10.1109/ANTS.2018.8710081\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Traditional malware detection techniques, such as signature-based detection and traditional antivirus software, are not beneficial for detecting many recent malware threats. In this paper, we propose a novel malware detection technique, API call transition matrix-based malware detection (ACTM), that efficiently detects malware based on their runtime behavior. We find that the ACTM technique performs better and detects malware with approximately 95.23% accuracy. ACTM can find applications in designing real-time malware detection when an enterprise network security system is concerned.\",\"PeriodicalId\":273443,\"journal\":{\"name\":\"2018 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)\",\"volume\":\"14 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ANTS.2018.8710081\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ANTS.2018.8710081","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

摘要

传统的恶意软件检测技术，如基于签名的检测和传统的杀毒软件，已经无法检测到许多最新的恶意软件威胁。本文提出了一种新的恶意软件检测技术——基于API调用转移矩阵的恶意软件检测(ACTM)，该技术可以根据恶意软件的运行时行为有效地检测恶意软件。我们发现ACTM技术性能更好，检测恶意软件的准确率约为95.23%。ACTM可以应用于企业网络安全系统的实时恶意软件检测设计。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

ACTM: API Call Transition Matrix-based Malware Detection Method

Traditional malware detection techniques, such as signature-based detection and traditional antivirus software, are not beneficial for detecting many recent malware threats. In this paper, we propose a novel malware detection technique, API call transition matrix-based malware detection (ACTM), that efficiently detects malware based on their runtime behavior. We find that the ACTM technique performs better and detects malware with approximately 95.23% accuracy. ACTM can find applications in designing real-time malware detection when an enterprise network security system is concerned.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2018 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)

自引率

0.00%

发文量