Conference papers

A Behavior-Based Approach for Malware Detection

Abstract: Malware is the fastest growing threat to information technology systems. Although a single absolute solution for defeating malware is improbable, a stacked arsenal against malicious software enhances the ability to maintain security and privacy. This research attempts to reinforce the anti-malware arsenal by studying a behavioral activity common to software – the use of handles. The characteristics of handle usage by benign and malicious software are extracted and exploited in an effort to distinguish between the two classes. An automated malware detection mechanism is presented that utilizes memory forensics, information retrieval and machine learning techniques. Experimentation with a malware dataset yields a malware detection rate of 91.4% with precision and recall of 89.8% and 91.1%, respectively.

Cited literature [28 references]

https://hal.inria.fr/hal-01716397
Contributor: Hal Ifip
Submitted on: Friday, February 23, 2018 - 3:50:07 PM
Last modification on: Friday, February 23, 2018 - 3:52:06 PM
Document(s) archived on: Friday, May 25, 2018 - 7:17:07 AM

File

456364_1_En_11_Chapter.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Citation

Rayan Mosli, Rui Li, Bo Yuan, Yin Pan. A Behavior-Based Approach for Malware Detection. 13th IFIP International Conference on Digital Forensics (DigitalForensics), Jan 2017, Orlando, FL, United States. pp.187-201, ⟨10.1007/978-3-319-67208-3_11⟩. ⟨hal-01716397⟩
