Malware Detection by Static Checking and Dynamic Analysis of Executables

The advanced malware continue to be a challenge in digital world that signature-based detection techniques fail to conquer. The malware use many anti-detection techniques to mutate. Thus no virus scanner can claim complete malware detection even for known malware. Static and dynamic analysis techniques focus upon different kinds of malware such as Evasive or Metamorphic malware. This paper proposes a comprehensive approach that combines static checking and dynamic analysis for malware detection. Static analysis is used to check the specific code characteristics. Dynamic analysis is used to analyze the runtime behavior of malware. The authors propose a framework for the automated analysis of an executable's behavior using text mining. Text mining of dynamic attributes identifies the important features for classifying the executable as benign and malware. The synergistic combination proposed in this paper allows detection of not only known variants of malware but even the obfuscated, packed and unknown malware variants and malware evasive to dynamic analysis.

MoreLess

Year of publication:	2017
Authors:	Vidyarthi, Deepti ; Choudhary, S.P. ; Rakshit, Subrata ; Kumar, C.R.S.
Published in:	International Journal of Information Security and Privacy (IJISP). - IGI Global, ISSN 1930-1669, ZDB-ID 2400983-0. - Vol. 11.2017, 3 (01.07.), p. 29-41
Publisher:	IGI Global
Subject:	Behavior-Based Detection \| Classification \| Malware Analysis \| Portable Executable \| Runtime Analysis \| Static Analysis \| Text Mining \| Virtual Machine

Online Resource

Check full text access |

More access options

doi.org

Check Google Scholar

In libraries world-wide (WorldCat)

In German libraries (KVK)

subito order

I need help

More details

Type of publication:	Article
Language:	English
Other identifiers:	10.4018/IJISP.2017070103 [DOI]
Source:	Other ZBW resources

Persistent link: https://www.econbiz.de/10012045696