
Integrated Static Analysis for Malware Variants Detection

  • Rinu Rani Jose
  • A. Salim
Conference paper
Part of the Lecture Notes in Networks and Systems book series (LNNS, volume 98)

Abstract

The influence of malware is growing exponentially with the invention of new malicious programs and potentially unwanted applications. Malware detection is critical for protection against data theft, security breaches and other related dangers, but detection remains challenging because attackers keep inventing new techniques to evade the detection methods. Efficient techniques are therefore required for identifying malware variants or samples. This paper proposes an integrated static method for the efficient detection of malware. The proposed approach combines two different static models: an image-based model, which uses image features extracted from the binary, and a code-based model, which uses opcodes for the analysis of malware. Machine learning techniques are used to classify the samples. The combined model classifies malware variants with an accuracy of 95% and is resistant to the code obfuscation techniques that defeat traditional static analysis.
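The abstract describes the two feature views being combined but not how they are computed, so the following is an added illustration written for this page; it is not the authors' code and does not reproduce their feature set, dataset or classifier. It assumes the byte-image view is a fixed-width grayscale rendering summarised by an intensity histogram and a gradient statistic, assumes opcodes have already been extracted by a disassembler (here they are constructed lists), and uses a nearest-centroid classifier as a stand-in for whatever learned model the paper trains. The family names, byte patterns and opcode vocabulary are constructed for the example.

```python
"""Added example: integrated static features (byte image + opcodes) with a toy classifier."""
from __future__ import annotations

import math
from collections import Counter

IMAGE_WIDTH = 16   # assumed: bytes per row when the file is viewed as a grayscale image
HIST_BINS = 8      # assumed: intensity histogram bins (32 gray levels per bin)
# Assumed opcode vocabulary; a real pipeline would build this from the training set.
OPCODE_VOCAB = ["mov", "push", "pop", "call", "ret", "xor", "jmp", "cmp"]


def bytes_to_image(data: bytes, width: int = IMAGE_WIDTH) -> list[list[int]]:
    """View raw bytes as rows of grayscale pixels (0-255), zero-padding the last row."""
    padded = data + b"\x00" * (-len(data) % width)
    return [list(padded[i:i + width]) for i in range(0, len(padded), width)]


def image_features(img: list[list[int]]) -> list[float]:
    """Normalised intensity histogram plus mean absolute horizontal gradient (0..1)."""
    pixels = [p for row in img for p in row]
    hist = [0] * HIST_BINS
    for p in pixels:
        hist[p * HIST_BINS // 256] += 1
    total = len(pixels) or 1
    grad = [abs(row[i] - row[i - 1]) for row in img for i in range(1, len(row))]
    mean_grad = (sum(grad) / len(grad) / 255.0) if grad else 0.0
    return [h / total for h in hist] + [mean_grad]


def opcode_features(opcodes: list[str]) -> list[float]:
    """Relative frequency of each vocabulary opcode; opcodes outside the vocabulary are ignored."""
    counts = Counter(op for op in opcodes if op in OPCODE_VOCAB)
    total = sum(counts.values()) or 1
    return [counts[op] / total for op in OPCODE_VOCAB]


def integrated_features(data: bytes, opcodes: list[str]) -> list[float]:
    """Concatenate the image-based and code-based feature vectors into one sample."""
    return image_features(bytes_to_image(data)) + opcode_features(opcodes)


class NearestCentroid:
    """Minimal stand-in for a learned classifier: one centroid per label, Euclidean distance."""

    def __init__(self) -> None:
        self.centroids: dict[str, list[float]] = {}

    def fit(self, vectors: list[list[float]], labels: list[str]) -> "NearestCentroid":
        by_label: dict[str, list[list[float]]] = {}
        for vec, label in zip(vectors, labels):
            by_label.setdefault(label, []).append(vec)
        self.centroids = {
            label: [sum(col) / len(vecs) for col in zip(*vecs)]
            for label, vecs in by_label.items()
        }
        return self

    def predict(self, vec: list[float]) -> str:
        return min(self.centroids, key=lambda lbl: math.dist(vec, self.centroids[lbl]))


# Constructed samples: two "families" with different byte layouts and opcode mixes.
FAMILY_A_BYTES = bytes([0x10, 0x20, 0x30, 0x40] * 32)   # smooth, low-intensity image
FAMILY_B_BYTES = bytes([0xF0, 0x05, 0xE0, 0x0A] * 32)   # high-contrast image
FAMILY_A_OPS = ["push", "mov", "call", "mov", "pop", "ret"] * 5
FAMILY_B_OPS = ["xor", "jmp", "xor", "cmp", "jmp", "xor"] * 5

TRAINING_SET = [
    (FAMILY_A_BYTES, FAMILY_A_OPS, "familyA"),
    (bytes([0x12, 0x22, 0x32, 0x42] * 32), FAMILY_A_OPS + ["mov"], "familyA"),
    (FAMILY_B_BYTES, FAMILY_B_OPS, "familyB"),
    (bytes([0xF2, 0x03, 0xE2, 0x0C] * 32), FAMILY_B_OPS + ["xor"], "familyB"),
]

# Constructed "variants": bytes shifted slightly and junk `nop`s inserted between opcodes.
def _with_junk(ops: list[str]) -> list[str]:
    return [x for op in ops for x in (op, "nop")]

TEST_SET = {
    "variant_A": (bytes([0x14, 0x24, 0x34, 0x44] * 30 + [0x00] * 8), _with_junk(FAMILY_A_OPS)),
    "variant_B": (bytes([0xF4, 0x03, 0xE4, 0x0C] * 30 + [0xFF] * 8), _with_junk(FAMILY_B_OPS)),
}


def classify_examples() -> dict[str, str]:
    """Train on the constructed families and label each constructed variant."""
    clf = NearestCentroid().fit(
        [integrated_features(b, ops) for b, ops, _ in TRAINING_SET],
        [label for _, _, label in TRAINING_SET],
    )
    return {name: clf.predict(integrated_features(b, ops)) for name, (b, ops) in TEST_SET.items()}


if __name__ == "__main__":
    for name, label in classify_examples().items():
        print(f"{name}: {label}")
```

The point of concatenating the two views is that each one alone is brittle: inserted junk instructions change the byte image, while packing or section reordering changes the opcode stream, so a variant that defeats one feature set is still placed by the other. The vocabulary filter in `opcode_features` is what makes the `nop` padding in the constructed variants harmless here; in a real pipeline the vocabulary and the histogram bin count would be chosen from the training data rather than fixed as above.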

Keywords

Malware detection, Static analysis, Code visualization, Opcode features, Machine learning


Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  • College of Engineering Trivandrum, Thiruvananthapuram, India
