formularioHidden
formularioRDF
Login

Iscriviti

O se lo preferisci...

 

Panel Informazione

Utilizamos cookies propias y de terceros para mejorar tu experiencia de navegación. Al continuar con la navegación entendemos que aceptas nuestra política de cookies.

Opcode Sequences as Representation of Executables for Data-mining-based Unknown Malware Detection

Article

In

Information Sciences , 2011 Vol. (), p.
Impact factor: 2,833

Abstract

Malware can be defined as any type of malicious code that has the potential to harm a computer or network. The volume of malware is growing faster every year and poses a serious global security threat. Consequently, malware detection has become a critical topic in computer security. Currently, signature-based detection is the most widespread method used in commercial antivirus. In spite of the broad use of this method, it can detect malware only after the malicious executable has already caused damage and provided the malware is adequately documented. Therefore, the signaturebased method consistently fails to detect new malware. In this paper, we propose a new method to detect unknown malware families. This model is based on the frequency of the appearance of opcode sequences. Furthermore, we describe a technique to mine the relevance of each opcode and assess the frequency of each opcode sequence. In addition, we provide empirical validation that this new method is capable of detecting unknown malware.

Info su questa risorsa...

Visite 123