Abstract
According to recent reports from security repositories, malware caused global losses of 11.7 million dollars during the last year. The tendency of profiteers to make use of malware is intensifying, and the production of various toolkits has made it possible to build and release malware with minimal technical knowledge. In contrast, malware analysis tries to discover malware and then prevent its spread. Malware analysis can be divided into two main branches, namely static and dynamic analysis. Because of its limitations, such as never executing the program, static analysis cannot be relied on alone to discover new malware. For the same reason, dynamic analysis is currently more widely applied and has proved more reliable. One problem with dynamic analysis is that the studies conducted in this area discard many samples, for reasons such as file corruption or failure to run properly. This makes the results unreliable in the real world, because a system can still be infected by malware like the omitted instances. This chapter combines the static and dynamic analysis methods so that the problem of the eliminated samples can be solved. The proposed method improves the detection accuracy to 97% while taking into account the samples that did not run properly.
Copyright information
© 2020 Springer Nature Switzerland AG
Nassiri, M., HaddadPajouh, H., Dehghantanha, A., Karimipour, H., Parizi, R.M., Srivastava, G. (2020). Malware Elimination Impact on Dynamic Analysis: An Experimental Machine Learning Approach. In: Choo, KK., Dehghantanha, A. (eds) Handbook of Big Data Privacy. Springer, Cham. https://doi.org/10.1007/978-3-030-38557-6_17
DOI: https://doi.org/10.1007/978-3-030-38557-6_17
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-38556-9
Online ISBN: 978-3-030-38557-6