Abstract
As malware evolves, it causes extensive damage across various industries. For this reason, malware detection has been actively researched. To improve network security, the SDN Quarantined Network (SQN) has been proposed. In this paper, we developed one of the malware detection modules for the first quarantine station in SQN, using the fact that benign and malicious files have different opcode frequencies. We applied a machine learning technique, in contrast to the conventional method. We verified that our module is valuable as one of the detection modules, and our final aim is to mount this module on the SQN system. With multiple detection modules, more accurate inspection for new types of security attacks would then be possible.
Acknowledgements
This research was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education (NRF-2010-0020210).
This work was supported by Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIP) (No.R0113-15-0002, Automotive ICT based e-Call standardization and after-market device development).
© 2017 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Woo, SU., Kim, DH., Chung, TM. (2017). Method of Detecting Malware Through Analysis of Opcodes Frequency with Machine Learning Technique. In: Park, J., Pan, Y., Yi, G., Loia, V. (eds) Advances in Computer Science and Ubiquitous Computing. UCAWSN CUTE CSA 2016 2016 2016. Lecture Notes in Electrical Engineering, vol 421. Springer, Singapore. https://doi.org/10.1007/978-981-10-3023-9_158
DOI: https://doi.org/10.1007/978-981-10-3023-9_158
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-3022-2
Online ISBN: 978-981-10-3023-9
eBook Packages: Engineering, Engineering (R0)