Review on Malware and Malware Detection Using Data Mining Techniques
Related papers
Malware Detection Using Data Mining Techniques
International Journal of Intelligent Information Systems
Nowadays, malicious software attacks and threats against data and information security have become a complex process. The variety and number of these attacks and threats have resulted in various types of defenses against them, but unfortunately current detection technologies are ineffective against the new techniques that malware designers use to escape from anti-malware tools. In the current research, we present a combination of static and dynamic methods to accelerate and improve the malware detection process, to enable malware detection systems to detect malware with high precision and in less time, and to help network security experts react well, since the detection time of security threats is of high importance in dealing with attacks.
DETECTING MALWARE BY DATA MINING
The exponential growth of malware has created a number of security threats in the IT industry. A large number of viruses are developed, and millions of applications are infected and suffer on a daily basis. The Trojan is one of the fatal and deadly types of malware, but it is often said to be legitimate software. Trojans hide themselves within harmless programs and survive by going unnoticed. They can look like just about anything, such as a computer game downloaded from different websites. Sometimes even a popup advertisement might try to install something on our computer. Trojans can trick you into using them. In this paper, a data mining technique is proposed to detect Trojans. The technique is based on Naive Bayes – this technique is simple to put into practice and we achieve amazing results in a large number of cases. But practically, dependencies exist among variables.
Malware and Malware Detection Techniques: A Survey
International Journal for Research in Applied Science & Engineering Technology (IJRASET), 2022
Malicious software is a kind of software or code that takes some private data and information from the PC framework; its task is to pursue only malicious objectives against the PC framework, without authorization of the PC's users. The effects of malicious software are worsening for the client. Malicious software, i.e. malware, consists of programs that are made to cause mischief to, hinder or harm PCs, organizations and the different assets associated with them. Malware is moved onto PCs without the knowledge of their proprietor. Presently, malicious programs are a serious threat. They are created to harm the PC framework, and some of them spread over the associated frameworks in the organization or web association. Analysts are making great efforts in the malware framework field with compelling malware detection techniques to safeguard the PC framework. Two essential methodologies have been proposed for it, namely signature-based and heuristic-based detection. These methodologies distinguish known malware precisely yet can't distinguish new, obscure malware. Recently, various analysts have proposed malware identification frameworks utilizing data mining and machine learning strategies to distinguish between obscure and non-obscure malware. In this paper, a detailed examination has been conducted on the present status of malware infection and the work done for finding it.
Classification of Malware based on Data Mining Approach
IJSRD, 2013
In recent years, the number of malware families/variants has exploded dramatically. Automatic malware classification is becoming an important research area. Using data mining, we identify seven key features within the Microsoft PE file format that can be fed to machine learning algorithms to classify malware. In this paper, resting on the analysis of Windows API execution sequences called by PE files, we develop the Intelligent Malware Detection System (IMDS) using Objective-Oriented Association (OOA) mining based classification. IMDS is an integrated system consisting of three major modules: PE parser, OOA rule generator, and rule based classifier. An OOA_Fast_FP Growth algorithm is adapted to efficiently generate OOA rules for classification. Promising experimental results demonstrate that the accuracy and efficiency of our IMDS system outperform popular anti-virus software such as Norton Antivirus and McAfee Virus Scan, as well as previous data mining based detection systems which employed Naive Bayes, Support Vector Machine (SVM) and Decision Tree techniques.
A Novel Data Mining Method for Malware Detection
2014
Losses caused by malware are irrecoverable. Detection of malicious activity is the greatest challenge in the security of computing systems because current virulent executables are using sophisticated polymorphism and metamorphism techniques. This makes it difficult for analyzers to investigate their code statically. In this paper, we present a data mining approach to predict executable behavior. We provide an Application Programming Interface (API) which provides captured sequences of a running process with the aim of predicting its intention. Although API calls are commonly analyzed by existing anti-viruses and sandboxes, our work presents for the first time the use of an API and the number of iterations as a countermeasure for malware detection in the API. The experiments have shown the effectiveness of our method on polymorphic and metamorphic malware by achieving an accuracy of 93.5% while keeping detection rate as
A Literature Study on Malware Detection Techniques
Faced with the threat of malicious attacks from malware, researchers are spending sleepless nights trying to come up with the most suitable detection technique that would eliminate these attacks and render the systems safe. From the time malware came into existence, a number of methods have been formulated to handle the different malware forms. The different detection techniques identified and used operate based on either of the two principles, which are signature-based or behaviour-based. While significant progress has been made, the challenge has remained to be the dynamic form of the malware. Every day there comes a different form of malware, making it difficult to have a single technique for detection. Recently, researchers have proposed malware detection systems using data mining and machine learning techniques. This paper, therefore, looks at all these techniques and compares the different techniques used in different platforms
Using Data Mining Methods to Improve Malware Detection
SSRN Electronic Journal
Malware, which is malicious software such as a virus, is more likely than not to be used by adversaries in a cyber attack. Since this is a fact, cyber security professionals need to be able to either detect malware before any harmful actions take place or be able to stop malware early in the infection. One part of the solution to this problem is to improve detection systems to detect harmful programs early, as well as to recognize dangerous components. Historically, malware detection systems have included three main components, which are data collection, malware feature extraction, and separation modules. Data mining methods may be employed then to streamline this detection process, particularly with the concepts of clustering, or classification and feature extraction on a large scale. This paper will research exactly how these data mining methods may be employed to improve malware detection.
IMPROVING THE MALWARE DETECTION RATIO USING DATA MINING TECHNIQUES
In today's world, computer security has become an essential part of internet security. An attacker may execute malware or buffer overflow attacks to gain access to a system. Malware is also a big concern in computer security; nowadays malware analysis is a big task for the cyber security expert, because over the last two to three years attackers have become so smart that they use various kinds of new techniques like armoring, tunneling etc. With the help of these techniques they can easily bypass malware in good anti-virus software. In this paper, we present a data mining approach which improves the malware detection ratio with high precision, whereas current anti-virus detection technologies, which are signature-based, code-emulation-based or anomaly-based, fail to detect malware. Although some of the technologies are good, in terms of money they are expensive, and, importantly, they sometimes also give false positive results, which is our primary concern in this paper.
HDM-Analyser: a hybrid analysis approach based on data mining techniques for malware detection
Today’s security threats like malware are more sophisticated and targeted than ever, and they are growing at an unprecedented rate. To deal with them, various approaches are introduced. One of them is Signature-based detection, which is an effective method and widely used to detect malware; however, there is a substantial problem in detecting new instances. In other words, it is solely useful for the second malware attack. Due to the rapid proliferation of malware and the desperate need for human effort to extract some kinds of signature, this approach is a tedious solution; thus, an intelligent malware detection system is required to deal with new malware threats. Most of intelligent detection systems utilise some data mining techniques in order to distinguish malware from sane programs. One of the pivotal phases of these systems is extracting features from malware samples and benign ones in order to make at least a learning model. This phase is called “Malware Analysis” which play...
A Survey on Malware detection using ML
International Journal for Research in Applied Science & Engineering Technology (IJRASET), 2022
Malware detection is a field of computer security that deals with the study and prevention of malicious software. It is not the only way to defend a company against a cyber-attack. In order to be effective, companies should analyse their risk and identify the vulnerabilities. In this paper, we will examine different techniques used to detect computer malware and malicious websites as well as future directives in this area of study. We will also discuss the growth in computer malware and how traditional methods of detection are being replaced by innovative techniques like the behavioural-based model and the signature-based model. Future directives involve developing better security products in order to fight against cyber fraud, which has been on the rise in recent years, especially in the Asia Pacific region. With this increase in cyber fraud and other malicious activities, traditional methods are not enough to protect computers from it, as these methods have many drawbacks. In order to tackle these issues, researchers have been developing new techniques such as heuristic analysis and static & dynamic analysis, which can detect more than 90% of malware samples without any false positives or negatives.