Malware is now one of the major threats to computer information systems, and current detection technologies have significant limitations. Organizations responsible for protecting sensitive information struggle to identify recent malware among millions or billions of benign executables when they rely on signature-based antivirus alone, yet signature-based antivirus products remain the frontline defence against malware in most organizations. In this project we propose a detection approach that applies static heuristics within Malware Target Recognition (MATR) to PE (Portable Executable) files. The approach serves as a pre-filter for a larger, performance-driven malware target recognition architecture that at present uses only static heuristic features. Experimental results show that this architecture achieves an overall test accuracy above 98% on a malware set collected from various operational environments, whereas most antivirus products reach a detection accuracy of only about 60% at their most sensitive configuration [1]. Implementations of this architecture can also classify benign executables with reasonable success, giving operators better situational awareness in hostile environments, and can detect previously unknown malware. We present the performance of Bagging and AdaBoost ensemble classifiers on this task.
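As an added illustration of the kind of static heuristic features the abstract refers to (this is example code written for this page, not the authors' MATR implementation, and the six features it computes are common PE header heuristics chosen here rather than the paper's own feature set), the following Python script parses a PE32 header using only the standard library, builds two constructed sample images (a plain compiled-looking binary and a UPX-style packed layout, both hypothetical fixtures assembled by `build_pe`) and turns each into the numeric feature row an ensemble classifier would be trained on:

```python
import math
import struct

# Section characteristic flags as defined in the PE/COFF specification.
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
FILE_ALIGNMENT = 0x200
OPTIONAL_HEADER_SIZE = 224  # PE32 optional header including 16 data directories
STANDARD_SECTION_NAMES = {".text", ".data", ".rdata", ".bss", ".idata",
                          ".edata", ".reloc", ".rsrc", ".tls", ".pdata"}
FEATURE_ORDER = ("num_sections", "max_section_entropy", "wx_sections",
                 "nonstandard_names", "zero_raw_sections", "entry_in_exec_section")


def shannon_entropy(data):
    """Bits per byte: 0.0 for empty input, 8.0 for a uniform byte distribution."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def build_pe(sections, entry_point):
    """Assemble a minimal PE32 image (hypothetical test fixture, not a real program).

    sections: list of (name, raw_bytes, virtual_size, virtual_address, characteristics).
    """
    n = len(sections)
    headers_len = 64 + 4 + 20 + OPTIONAL_HEADER_SIZE + 40 * n
    first_raw = -(-headers_len // FILE_ALIGNMENT) * FILE_ALIGNMENT
    image = bytearray(b"MZ" + b"\x00" * 58 + struct.pack("<I", 64))  # e_lfanew = 64
    image += b"PE\x00\x00"
    # COFF header: Machine (i386), NumberOfSections, TimeDateStamp, symbol table
    # pointer and count, SizeOfOptionalHeader, Characteristics (executable, 32-bit).
    image += struct.pack("<HHIIIHH", 0x14C, n, 0, 0, 0, OPTIONAL_HEADER_SIZE, 0x0102)
    # Optional header: Magic (PE32), linker version, SizeOfCode, SizeOfInitializedData,
    # SizeOfUninitializedData, AddressOfEntryPoint; the remainder is zero-padded.
    opt = struct.pack("<HBBIIII", 0x10B, 14, 0, 0, 0, 0, entry_point)
    image += opt + b"\x00" * (OPTIONAL_HEADER_SIZE - len(opt))
    raw_ptr, blobs = first_raw, []
    for name, raw, vsize, va, chars in sections:
        raw_size = -(-len(raw) // FILE_ALIGNMENT) * FILE_ALIGNMENT
        image += struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\x00"), vsize, va,
                             raw_size, raw_ptr if raw else 0, 0, 0, 0, 0, chars)
        blobs.append(raw.ljust(raw_size, b"\x00"))
        raw_ptr += raw_size
    image += b"\x00" * (first_raw - len(image))
    for blob in blobs:
        image += blob
    return bytes(image)


def extract_features(image):
    """Static heuristic features of one PE image, read from the headers only."""
    if image[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe_off = struct.unpack_from("<I", image, 0x3C)[0]
    if image[pe_off:pe_off + 4] != b"PE\x00\x00":
        raise ValueError("PE signature not found")
    n_sections = struct.unpack_from("<H", image, pe_off + 6)[0]
    size_opt = struct.unpack_from("<H", image, pe_off + 20)[0]
    opt_off = pe_off + 24
    entry_rva = struct.unpack_from("<I", image, opt_off + 16)[0]
    feats = dict.fromkeys(FEATURE_ORDER, 0)
    feats["num_sections"] = n_sections
    feats["max_section_entropy"] = 0.0
    feats["entry_in_exec_section"] = False
    for i in range(n_sections):
        name, vsize, va, raw_size, raw_ptr, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", image, opt_off + size_opt + 40 * i)
        name = name.rstrip(b"\x00").decode("ascii", "replace")
        raw = image[raw_ptr:raw_ptr + raw_size]
        feats["max_section_entropy"] = max(feats["max_section_entropy"], shannon_entropy(raw))
        # Writable+executable sections, unusual names and sections that are empty on
        # disk but large in memory are typical of packers and self-modifying code.
        if chars & IMAGE_SCN_MEM_WRITE and chars & IMAGE_SCN_MEM_EXECUTE:
            feats["wx_sections"] += 1
        if name not in STANDARD_SECTION_NAMES:
            feats["nonstandard_names"] += 1
        if raw_size == 0 and vsize > 0:
            feats["zero_raw_sections"] += 1
        if va <= entry_rva < va + max(vsize, raw_size) and chars & IMAGE_SCN_MEM_EXECUTE:
            feats["entry_in_exec_section"] = True
    return feats


def feature_vector(feats):
    """Numeric row in a fixed column order, ready for an ensemble classifier."""
    return [float(feats[k]) for k in FEATURE_ORDER]


# Constructed fixtures: a plain compiled-looking binary and a UPX-style packed layout.
CODE_RX = IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
DATA_RW = IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
CLEAN_PE = build_pe(
    [(".text", b"\x55\x8b\xec" + b"\x90" * 100 + b"\xc3", 0x200, 0x1000, CODE_RX),
     (".data", b"\x00" * 64, 0x200, 0x2000, DATA_RW)],
    entry_point=0x1000)
PACKED_PE = build_pe(
    [("UPX0", b"", 0x5000, 0x1000, CODE_RX | IMAGE_SCN_MEM_WRITE),
     ("UPX1", bytes(range(256)) * 16, 0x1000, 0x6000, CODE_RX | IMAGE_SCN_MEM_WRITE)],
    entry_point=0x6100)

if __name__ == "__main__":
    for label, image in (("clean", CLEAN_PE), ("packed", PACKED_PE)):
        print(label, feature_vector(extract_features(image)))
```

Rows from `feature_vector` over a labelled corpus are the input one would pass to scikit-learn's `BaggingClassifier` and `AdaBoostClassifier` (both in `sklearn.ensemble`), and accuracy has to be measured on a held-out test set disjoint from the training set, which is what the test accuracy figure in the abstract refers to. Header heuristics of this kind are cheap enough to run on every file, which is what makes them usable as a pre-filter, but they can be evaded by an adversary who controls the file layout, the limit of static analysis discussed in [4]; the classifier's output is a triage signal, not proof of maliciousness.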
Published in: American Journal of Networks and Communications, Volume 4, Issue 3
DOI: 10.11648/j.ajnc.20150403.14
Pages: 44-48
Creative Commons: This is an Open Access article, distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution and reproduction in any medium or format, provided the original work is properly cited.
Copyright: Copyright © The Author(s), 2015. Published by Science Publishing Group
Keywords: Malware, PE (Portable Executable), Bagging, AdaBoost (Adaptive Boosting)
[1] T. E. Dube, R. A. Raines, M. R. Grimaila, K. W. Bauer, and S. K. Rogers, "Malware Target Recognition of Unknown Threats," IEEE Systems Journal, 2013.
[2] P. Szor, The Art of Computer Virus Research and Defense. Addison-Wesley, 2005.
[3] M. Schultz, E. Eskin, E. Zadok, and S. Stolfo, "Data mining methods for detection of new malicious executables," in Proc. IEEE Symp. Security and Privacy, May 2001, pp. 38–49.
[4] A. Moser, C. Kruegel, and E. Kirda, "Limits of static analysis for malware detection," in Proc. ACSAC, 2007, pp. 421–430.
[5] M. Christodorescu, N. Kidd, and W.-H. Goh, "String analysis for x86 binaries," ACM SIGSOFT Software Engineering Notes, vol. 31, no. 1, p. 95, 2006.
[6] N. Rafiq and Y. Mao, "Improving heuristics," Virus Bulletin, pp. 9–12, Aug. 2008.
[7] S. Treadwell and M. Zhou, "A heuristic approach for detection of obfuscated malware," in Proc. IEEE Intelligence and Security Informatics (ISI), Jun. 2009, pp. 291–299.
[8] J. Bai, J. Wang, and G. Zou, "A Malware Detection Scheme Based on Mining Format Information," The Scientific World Journal, vol. 2014, Article ID 260905, 11 pages, 2014.
[9] A. Shabtai, R. Moskovitch, Y. Elovici, and C. Glezer, "Detection of malicious code by applying machine learning classifiers on static features: a state-of-the-art survey," Information Security Technical Report, vol. 14, no. 1, pp. 16–29, 2009.
[10] J. Z. Kolter and M. A. Maloof, "Learning to detect and classify malicious executables in the wild," Journal of Machine Learning Research, vol. 7, pp. 2721–2744, 2006.
[11] J. O. Kephart and B. Arnold, "Automatic extraction of computer virus signatures," in Proc. 4th Virus Bulletin Int. Conf., 1994, pp. 178–184.
[12] W. Arnold and G. Tesauro, "Automatically generated Win32 heuristic virus detection," in Proc. Virus Bulletin Conf., Sep. 2000, pp. 51–60.
[13] G. Tesauro, J. Kephart, and G. Sorkin, "Neural networks for computer virus recognition," IEEE Expert, vol. 11, no. 4, pp. 5–6, Aug. 1996.
[14] T. E. Dube, R. A. Raines, and S. K. Rogers, "Malware Target Recognition," U.S. Patent Application Publication US 2012/0260342 A1, 2012.
[15] Symantec Corporation, "Understanding Heuristics: Symantec's Bloodhound Technology," Symantec White Paper Series, vol. XXXIV, no. 1, pp. 1–14, 1997.
[16] T. Dube, R. Raines, G. Peterson, K. Bauer, M. Grimaila, and S. Rogers, "Malware target recognition via static heuristics," Computers & Security, vol. 31, no. 1, pp. 137–147, 2012.
[17] VX Heavens, "Virus Collection," Apr. 15, 2010. [Online]. Available: vx.netlux.org/vl.php
[18] T. E. Dube, "A Novel Malware Target Recognition Architecture for Enhanced Cyberspace Situation Awareness," Air Force Institute of Technology, AFIT/DCE/ENG/11-07, Sep. 2011.
APA Style
Anuj Lohani, Aditi Lohani, Jitendra Singh, Manish Bhardwaj. (2015). Static Heuristics Classifiers as Pre-Filter for Malware Target Recognition (MATR). American Journal of Networks and Communications, 4(3), 44-48. https://doi.org/10.11648/j.ajnc.20150403.14
ACS Style
Anuj Lohani; Aditi Lohani; Jitendra Singh; Manish Bhardwaj. Static Heuristics Classifiers as Pre-Filter for Malware Target Recognition (MATR). Am. J. Netw. Commun. 2015, 4(3), 44-48. doi: 10.11648/j.ajnc.20150403.14
AMA Style
Anuj Lohani, Aditi Lohani, Jitendra Singh, Manish Bhardwaj. Static Heuristics Classifiers as Pre-Filter for Malware Target Recognition (MATR). Am J Netw Commun. 2015;4(3):44-48. doi: 10.11648/j.ajnc.20150403.14
BibTeX
@article{10.11648/j.ajnc.20150403.14,
  author  = {Anuj Lohani and Aditi Lohani and Jitendra Singh and Manish Bhardwaj},
  title   = {Static Heuristics Classifiers as Pre-Filter for Malware Target Recognition (MATR)},
  journal = {American Journal of Networks and Communications},
  volume  = {4},
  number  = {3},
  pages   = {44-48},
  year    = {2015},
  doi     = {10.11648/j.ajnc.20150403.14},
  url     = {https://doi.org/10.11648/j.ajnc.20150403.14},
  eprint  = {https://article.sciencepublishinggroup.com/pdf/10.11648.j.ajnc.20150403.14}
}
RIS
TY  - JOUR
T1  - Static Heuristics Classifiers as Pre-Filter for Malware Target Recognition (MATR)
AU  - Anuj Lohani
AU  - Aditi Lohani
AU  - Jitendra Singh
AU  - Manish Bhardwaj
Y1  - 2015/05/11
PY  - 2015
N1  - https://doi.org/10.11648/j.ajnc.20150403.14
DO  - 10.11648/j.ajnc.20150403.14
T2  - American Journal of Networks and Communications
JF  - American Journal of Networks and Communications
JO  - American Journal of Networks and Communications
SP  - 44
EP  - 48
PB  - Science Publishing Group
SN  - 2326-8964
UR  - https://doi.org/10.11648/j.ajnc.20150403.14
VL  - 4
IS  - 3
ER  -