
Malware Elimination Impact on Dynamic Analysis: An Experimental Machine Learning Approach

Abstract

According to recent reports from security repositories, malware caused global losses of 11.7 million dollars during the last year. The tendency of profiteers to make use of malware is intensifying, and the production of various tools has made it possible to produce and release malware with minimal technical knowledge. In contrast, malware analysis tries to prevent this expansion by detecting malware. Malware analysis can be divided into two main branches, static and dynamic analysis. Static analysis, because of its limitations, such as never executing the program, cannot be relied on alone to detect new malware. For the same reason, dynamic analysis is currently more widely applied and has proved more reliable. One problem with dynamic analysis is that the studies conducted in this area eliminate many of the samples for reasons such as file corruption or failure to run properly, among others. This makes the results unreliable in the real world, because a system can still be infected by malware like the omitted instances. This chapter combines the static and dynamic analysis methods so that the problem of the eliminated samples can be solved. The proposed method improves detection accuracy to 97% while taking into account the samples that did not run properly.
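The eliminated-sample problem the abstract describes, as an added illustration that is not the chapter's code or dataset: a constructed toy corpus in which two of six samples failed in the sandbox is evaluated once with a dynamic-only pipeline that silently drops them and once with a static-plus-dynamic featurization that keeps them. The sample names, import lists, API traces and the leave-one-out 1-NN classifier are assumptions made for the illustration.

```python
# Constructed toy dataset (not from the chapter). Each sample carries a static
# import set, which is recoverable from the PE header even if the file never
# runs, and a dynamic API trace, which is None when the sandbox run failed
# (corrupt file, crash, missing dependency).
SAMPLES = [
    # (name, label, static imports, dynamic API trace or None)
    ("mal_a", "malware", {"VirtualAlloc", "WriteProcessMemory", "CreateRemoteThread"},
     ["VirtualAlloc", "WriteProcessMemory", "CreateRemoteThread"]),
    ("mal_b", "malware", {"VirtualAlloc", "WriteProcessMemory", "CreateRemoteThread", "RegSetValueExA"},
     ["RegSetValueExA", "VirtualAlloc", "WriteProcessMemory"]),
    ("mal_c", "malware", {"VirtualAlloc", "WriteProcessMemory", "CreateRemoteThread"}, None),
    ("ben_a", "benign", {"CreateFileW", "ReadFile", "WriteFile", "CloseHandle"},
     ["CreateFileW", "ReadFile", "CloseHandle"]),
    ("ben_b", "benign", {"CreateFileW", "ReadFile", "CloseHandle", "MessageBoxW"},
     ["MessageBoxW", "CreateFileW", "ReadFile"]),
    ("ben_c", "benign", {"CreateFileW", "WriteFile", "CloseHandle"}, None),
]


def dynamic_features(sample):
    """Dynamic-only pipeline: a sample that did not run yields no features."""
    _, _, _, trace = sample
    return None if trace is None else {"dyn:" + api for api in trace}


def fused_features(sample):
    """Static + dynamic: imports are always present, and a failed run becomes an
    explicit indicator feature instead of a reason to discard the sample."""
    _, _, imports, trace = sample
    feats = {"imp:" + api for api in imports}
    feats |= ({"dyn:" + api for api in trace} if trace is not None else {"dyn:NOT_RUN"})
    return feats


def jaccard(a, b):
    return len(a & b) / len(a | b) if (a or b) else 0.0


def evaluate(samples, featurize):
    """Leave-one-out 1-nearest-neighbour over Jaccard similarity. Reports how many
    samples the pipeline could evaluate at all, and how many of those it got right."""
    rows = [(s[1], featurize(s)) for s in samples]
    rows = [(label, feats) for label, feats in rows if feats is not None]
    correct = 0
    for i, (label, feats) in enumerate(rows):
        others = [r for j, r in enumerate(rows) if j != i]
        predicted = max(others, key=lambda r: jaccard(feats, r[1]))[0]
        correct += predicted == label
    return {"total": len(samples), "evaluated": len(rows), "correct": correct}
```

Both pipelines score 100% on what they evaluate, but the dynamic-only figure covers only four of six samples; the two that never ran are exactly the ones a real deployment would still have to classify.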

Figures: Fig. 17.1, Fig. 17.2, Fig. 17.3 (figure content not available in this preview).


Corresponding author

Correspondence to Hamed HaddadPajouh.


Copyright information

© 2020 Springer Nature Switzerland AG

About this chapter


Cite this chapter

Nassiri, M., HaddadPajouh, H., Dehghantanha, A., Karimipour, H., Parizi, R.M., Srivastava, G. (2020). Malware Elimination Impact on Dynamic Analysis: An Experimental Machine Learning Approach. In: Choo, KK., Dehghantanha, A. (eds) Handbook of Big Data Privacy. Springer, Cham. https://doi.org/10.1007/978-3-030-38557-6_17


  • DOI: https://doi.org/10.1007/978-3-030-38557-6_17
  • Publisher Name: Springer, Cham
  • Print ISBN: 978-3-030-38556-9
  • Online ISBN: 978-3-030-38557-6
  • eBook Packages: Computer Science (R0)