文章基本信息

标题：Metamorphic Malware Detection using Control Flow Graph Mining
本地全文：下载
作者：Mojtaba Eskandari ; Sattar Hashemi
期刊名称：International Journal of Computer Science and Network Security
印刷版ISSN：1738-7906
出版年度：2011
卷号：11
期号：12
页码：1-6
出版社：International Journal of Computer Science and Network Security
摘要：Metamorphic malware propagation has persuaded the security society to consider about new approaches to confront this generation of malware with novel solutions. Control Flow Graph, CFG, has been successful in detection of simple malwares. By now, it needs to improve the CFG based detection methods to detect metamorphic malwares efficiently. Our Approach has improved the simple CFG with beneficial information by assuming called APIs on the CFG. Converting the resulted sparse graph to a vector to decrease the complexity of graph mining algorithms, a specific feature selection is utilized and different classification approaches has been qualified. The experimental results show the contribution of this approach in both accuracy and false detection rate measurements in comparison with the other simple graph modifications. Among different classifiers on our approach the best results were attained by random forest. On the computation complexity side also this work has decreased the elaboration regarding to the simple feature selection conducted before decision making.
关键词：malware; detection; metamorphic; obfuscated; PE-file; CFG; API; ACFG