Anandhi V, V. P, Varun G. Menon, Abhijith Krishna E R, Akshay Shilesh, Akshay Viswam, Amin Shafiq
{"title":"Malware Detection using Dynamic Analysis","authors":"Anandhi V, V. P, Varun G. Menon, Abhijith Krishna E R, Akshay Shilesh, Akshay Viswam, Amin Shafiq","doi":"10.1109/AICAPS57044.2023.10074588","DOIUrl":null,"url":null,"abstract":"Malware detection is an indispensable factor in the security of internet-oriented machines. The number of threats have been increased day by day. Malware analysis is a process of performing analysis and a study of the components and behavior of malware. The use of dynamic analysis will help the system to classify malware more accurately and to detect any malware samples. Dynamic analysis is a method in which the malware runs in a Sandbox environment, and artifacts are collected. The system uses Cuckoo Sandbox for executing the malware samples in a controlled environment. The system compares bidirectional long short-term memory and convolutional neural network models for machine learning algorithms to detect and classify the malware samples. Unlike a typical signature-based detection, where patterns are checked in the source file, a type of static detection, here, dynamic analysis is used to extract necessary reports, which are then preprocessed to get features like dynamic link library (dlls), kernel module names, services used, etc. to try creating a list of text, which can explain the behaviour of the executable file. These are tokenized and embedded to obtain numerical data, which is passed to the models. The accuracy of trained models is compared, which describes the performance of the models on the dataset. Thus providing grounds for testing future models and later building a better detection system based on it.","PeriodicalId":146698,"journal":{"name":"2023 International Conference on Advances in Intelligent Computing and Applications (AICAPS)","volume":"50 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 International Conference on Advances in Intelligent Computing and Applications (AICAPS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/AICAPS57044.2023.10074588","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Malware detection is an indispensable factor in the security of internet-oriented machines. The number of threats have been increased day by day. Malware analysis is a process of performing analysis and a study of the components and behavior of malware. The use of dynamic analysis will help the system to classify malware more accurately and to detect any malware samples. Dynamic analysis is a method in which the malware runs in a Sandbox environment, and artifacts are collected. The system uses Cuckoo Sandbox for executing the malware samples in a controlled environment. The system compares bidirectional long short-term memory and convolutional neural network models for machine learning algorithms to detect and classify the malware samples. Unlike a typical signature-based detection, where patterns are checked in the source file, a type of static detection, here, dynamic analysis is used to extract necessary reports, which are then preprocessed to get features like dynamic link library (dlls), kernel module names, services used, etc. to try creating a list of text, which can explain the behaviour of the executable file. These are tokenized and embedded to obtain numerical data, which is passed to the models. The accuracy of trained models is compared, which describes the performance of the models on the dataset. Thus providing grounds for testing future models and later building a better detection system based on it.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
