An integrated multi layers approach for detecting unknown malware behaviours
-
2019-04-07 https://doi.org/10.14419/ijet.v7i4.23675 -
Keywords: Registry, VirusTotal, BullGuard, IDA Pro, Cuckoo, Multi-Layer Malware Detection. -
Abstract
Malware is one of the most dangerous threats to computer security, and dynamic analysis has difficulty detecting unknown malware. This paper develops an integrated multi-layer detection approach to improve malware detection accuracy. The first layer is a user interface integrated with VirusTotal, which acts as a warning system for malware infection; the second is a malware database of collected samples; the third is Cuckoo; the fourth is BullGuard; and the fifth is IDA Pro. The results showed that using the five layers together outperformed any single detector used on its own. For example, the efficiency of the proposed approach was 100%, compared with 18% for VirusTotal and 63% for BullGuard.
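To make the layered design in the abstract concrete, here is an added Python example; it is not code from the paper. It chains five verdict layers in the order the abstract lists them (VirusTotal, sample database, Cuckoo, BullGuard, IDA Pro), stops at the first layer that flags a file, and compares each layer's detection rate with the merged rate over a small constructed sample set. Every threshold, indicator list, sample record and field name is an assumption of this example (the paper does not give them), and the layers consume pre-collected observations instead of calling the real services, so the script runs offline.

```python
"""Five-layer malware verdict pipeline over constructed observations.

Added example, not code from the paper. Layer order follows the abstract:
VirusTotal -> sample database -> Cuckoo -> BullGuard -> IDA Pro. Each layer
reads observations already collected for a file instead of calling the real
service, so the script runs offline. Thresholds and indicator lists below are
assumptions for the example, not values reported in the paper.
"""
import hashlib
from dataclasses import dataclass

VT_ENGINE_THRESHOLD = 5  # assumption: flag when at least 5 engines detect the file
SUSPICIOUS_IMPORTS = frozenset({  # assumption: classic process-injection API set
    "VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread", "SetWindowsHookExA",
})
AUTORUN_KEYS = (  # assumption: registry Run keys treated as persistence indicators
    r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
    r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run",
)


@dataclass(frozen=True)
class Sample:
    """Observations gathered for one file (all fields are constructed)."""
    name: str
    content: bytes
    is_malware: bool                  # ground truth, used only for scoring
    vt_positives: int = 0             # VirusTotal-style engine detection count
    registry_writes: tuple = ()       # sandbox-observed registry key writes
    av_verdict: str = "clean"         # host antivirus result
    imports: frozenset = frozenset()  # import table from static analysis

    @property
    def sha256(self) -> str:
        return hashlib.sha256(self.content).hexdigest()


# (name, predicate) pairs; a predicate returns True when that layer flags the file.
LAYERS = [
    ("VirusTotal", lambda s, known: s.vt_positives >= VT_ENGINE_THRESHOLD),
    ("Sample DB", lambda s, known: s.sha256 in known),
    ("Cuckoo", lambda s, known: any(k.startswith(AUTORUN_KEYS) for k in s.registry_writes)),
    ("BullGuard", lambda s, known: s.av_verdict != "clean"),
    ("IDA Pro", lambda s, known: len(s.imports & SUSPICIOUS_IMPORTS) >= 3),
]


def classify(sample, known_hashes):
    """Run layers in order; the first one to flag the file decides the verdict."""
    for name, layer in LAYERS:
        if layer(sample, known_hashes):
            return True, name
    return False, None


def detection_rates(samples, known_hashes):
    """Share of ground-truth malware caught by each layer alone and by the merged pipeline."""
    malware = [s for s in samples if s.is_malware]
    rates = {name: sum(layer(s, known_hashes) for s in malware) / len(malware)
             for name, layer in LAYERS}
    rates["merged"] = sum(classify(s, known_hashes)[0] for s in malware) / len(malware)
    return rates


def false_positives(samples, known_hashes):
    """Names of benign files that the merged pipeline flags."""
    return [s.name for s in samples if not s.is_malware and classify(s, known_hashes)[0]]


def build_samples():
    """Constructed corpus: four malware samples, each visible to a different layer, plus two benign files."""
    run_key = AUTORUN_KEYS[0] + r"\Updater"
    samples = [
        Sample("known-trojan.exe", b"MZ\x90\x00known", True, vt_positives=41,
               registry_writes=(run_key,), av_verdict="Trojan.Generic",
               imports=frozenset(SUSPICIOUS_IMPORTS)),
        Sample("fresh-variant.exe", b"MZ\x90\x00variant", True, vt_positives=2,
               registry_writes=(run_key,)),                # only the sandbox sees it
        Sample("packed-dropper.exe", b"MZ\x90\x00packed", True,
               av_verdict="Heur.Packed"),                  # only the AV engine sees it
        Sample("injector.exe", b"MZ\x90\x00inject", True,
               imports=frozenset({"VirtualAllocEx", "WriteProcessMemory",
                                  "CreateRemoteThread", "ExitProcess"})),  # only static analysis sees it
        Sample("notepad-clone.exe", b"MZ\x90\x00benign", False,
               registry_writes=(r"HKCU\Software\NotepadClone\Settings",),
               imports=frozenset({"CreateFileW", "WriteFile"})),
        Sample("updater-setup.exe", b"MZ\x90\x00setup", False,
               registry_writes=(run_key,)),                # legitimate autostart: a false positive
    ]
    known_hashes = {samples[0].sha256}  # only the first sample is already in the database
    return samples, known_hashes


if __name__ == "__main__":
    samples, known = build_samples()
    for name, rate in detection_rates(samples, known).items():
        print(f"{name:>10}: {rate:.0%}")
    print("false positives:", false_positives(samples, known))
```

On the constructed corpus each single layer catches 25% or 50% of the malware while the merged pipeline catches all of it, but the pipeline also flags the benign installer that writes a Run key. Merging detectors with OR unions their coverage and unions their false positives as well, so a detection-rate figure such as the 100% quoted in the abstract should be read alongside the false-positive rate on known-benign files.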
-
How to Cite
Imad Wajeeh AL-Shahwani, H., Mohamed Yassin, W., Zainalabidin, Z., & Rasheed, M. (2019). An integrated multi layers approach for detecting unknown malware behaviours. International Journal of Engineering & Technology, 7(4), 5618-5621. https://doi.org/10.14419/ijet.v7i4.23675
Received date: 2018-12-11
Accepted date: 2019-01-13
Published date: 2019-04-07