New Direction for Malware Detection Using System Features | IEEE Conference Publication | IEEE Xplore

New Direction for Malware Detection Using System Features


Abstract:

Choosing the right features for malware detection is a non-trivial problem because malware creators keep changing the techniques and procedures used in malware. If we use features that can be easily modified without affecting functionality, the detection system cannot be implemented in practice. With a small modification of data, malware can bypass even more extensively trained classifiers. Detection methods work only for the types of malware groups for which we have a suitable sample for training. The ability to detect zero-day attacks and new malware groups is lost. As a hypothetical solution, it is suitable to find features that are not obtained from the malware samples, but are system-dependent and cannot be easily modified without compromising the functionality of the system. These features should also describe the malware behavior well. Such features could also include system data obtained from the computer's memory. The aim of this work is to try to identify the features of the operating system and memory that indicate the presence of malware activity in the system, and to verify their use for malware detection.
Date of Conference: 18-21 September 2019
Date Added to IEEE Xplore: 05 December 2019
Conference Location: Metz, France
