A comparison of static, dynamic, and hybrid analysis for malware detection

Cited by: 203
Authors
Damodaran A. [1]
Troia F.D. [2]
Visaggio C.A. [2]
Austin T.H. [1]
Stamp M. [1]
Affiliations
[1] Department of Computer Science, San Jose State University, San Jose
[2] Department of Engineering, Università degli Studi del Sannio, Benevento
Keywords
Receiver Operating Characteristic Curve; Hidden Markov Model; Control Flow Graph; Precision Recall Curve; Signature Base Detection
DOI
10.1007/s11416-015-0261-z
Abstract
In this research, we compare malware detection techniques based on static, dynamic, and hybrid analysis. Specifically, we train Hidden Markov Models (HMMs) on both static and dynamic feature sets and compare the resulting detection rates over a substantial number of malware families. We also consider hybrid cases, where dynamic analysis is used in the training phase, with static techniques used in the detection phase, and vice versa. In our experiments, a fully dynamic approach generally yields the best detection rates. We discuss the implications of this research for malware detection based on hybrid techniques. © 2015, Springer-Verlag France.
Pages: 1 / 12
Page count: 11
Related papers
50 in total
  • [1] Integrated static and dynamic analysis for malware detection
    Shijo, P. V.
    Salim, A.
    PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATION TECHNOLOGIES, ICICT 2014, 2015, 46 : 804 - 811
  • [2] A Hybrid Static Tool to Increase the Usability and Scalability of Dynamic Detection of Malware
    Kim, Danny
    Mirsky, Daniel
    Majlesi-Kupaei, Amir
    Barua, Rajeev
    PROCEEDINGS OF THE 2018 13TH INTERNATIONAL CONFERENCE ON MALICIOUS AND UNWANTED SOFTWARE (MALWARE 2018), 2018, : 115 - 123
  • [3] Detection of Android Malware: Combined with Static Analysis and Dynamic Analysis
    Su, Ming-Yang
    Fung, Kek-Tung
    Huang, Yu-Hao
    Kang, Ming-Zhi
    Chung, Yen-Heng
    2016 INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE COMPUTING & SIMULATION (HPCS 2016), 2016, : 1013 - 1018
  • [4] Static and Dynamic Analysis of Android Malware
    Kapratwar, Ankita
    Di Troia, Fabio
    Stamp, Mark
    ICISSP: PROCEEDINGS OF THE 3RD INTERNATIONAL CONFERENCE ON INFORMATION SYSTEMS SECURITY AND PRIVACY, 2017, : 653 - 662
  • [5] Limits of static analysis for malware detection
    Moser, Andreas
    Kruegel, Christopher
    Kirda, Engin
    TWENTY-THIRD ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, PROCEEDINGS, 2007, : 421 - 430
  • [6] Impact of Code Obfuscation on Android Malware Detection based on Static and Dynamic Analysis
    Bacci, Alessandro
    Bartoli, Alberto
    Martinelli, Fabio
    Medvet, Eric
    Mercaldo, Francesco
    Visaggio, Corrado Aaron
    ICISSP: PROCEEDINGS OF THE 4TH INTERNATIONAL CONFERENCE ON INFORMATION SYSTEMS SECURITY AND PRIVACY, 2018, : 379 - 385
  • [7] A Static and Dynamic Visual Debugger for Malware Analysis
    Yee, Chan Lee
    Chuan, Lee Ling
    Ismail, Mahamod
    Zainal, Nasharuddin
    18TH ASIA-PACIFIC CONFERENCE ON COMMUNICATIONS (APCC 2012): GREEN AND SMART COMMUNICATIONS FOR IT INNOVATION, 2012, : 765 - 769
  • [8] HADM: Hybrid Analysis for Detection of Malware
    Xu, Lifan
    Zhang, Dongping
    Jayasena, Nuwan
    Cavazos, John
    PROCEEDINGS OF SAI INTELLIGENT SYSTEMS CONFERENCE (INTELLISYS) 2016, VOL 2, 2018, 16 : 702 - 724
  • [9] IoT malware detection using static and dynamic analysis techniques: A systematic literature review
    Kumar, Sumit
    Ahlawat, Prachi
    Sahni, Jyoti
    SECURITY AND PRIVACY, 2024, 7 (06):
  • [10] Android malware detection approaches in combination with static and dynamic features
    Su, Ming-Yang
    Chang, Jer-Yuan
    Fung, Kek-Tung
    International Journal of Network Security, 2019, 21 (06) : 1031 - 1041