A comparison of static, dynamic, and hybrid analysis for malware detection

Cited by: 203
Authors
Damodaran A. [1]
Troia F.D. [2]
Visaggio C.A. [2]
Austin T.H. [1]
Stamp M. [1]
Affiliations
[1] Department of Computer Science, San Jose State University, San Jose
[2] Department of Engineering, Università degli Studi del Sannio, Benevento
Keywords
Receiver Operating Characteristic Curve; Hidden Markov Model; Control Flow Graph; Precision Recall Curve; Signature Base Detection
DOI
10.1007/s11416-015-0261-z
Abstract
In this research, we compare malware detection techniques based on static, dynamic, and hybrid analysis. Specifically, we train Hidden Markov Models (HMMs) on both static and dynamic feature sets and compare the resulting detection rates over a substantial number of malware families. We also consider hybrid cases, where dynamic analysis is used in the training phase, with static techniques used in the detection phase, and vice versa. In our experiments, a fully dynamic approach generally yields the best detection rates. We discuss the implications of this research for malware detection based on hybrid techniques. © 2015, Springer-Verlag France.
Pages: 1 / 12
Number of pages: 11
Related papers
50 in total
  • [31] Android malware detection based on static behavior feature analysis
    Chen C.
    Liu Y.
    Shen B.
    Cheng J.-J.
    Journal of Computers (Taiwan), 2018, 29 (06) : 243 - 253
  • [32] Windows malware detection based on static analysis with multiple features
    Yousuf, Muhammad Irfan
    Anwer, Izza
    Riasat, Ayesha
    Zia, Khawaja Tahir
    Kim, Suhyun
    PEERJ COMPUTER SCIENCE, 2023, 9
  • [33] Two Phase Static Analysis Technique for Android Malware Detection
    Kate, Priyadarshani M.
    Dhavale, Sunita V.
    PROCEEDING OF THE THIRD INTERNATIONAL SYMPOSIUM ON WOMEN IN COMPUTING AND INFORMATICS (WCI-2015), 2015, : 650 - 655
  • [34] Detection of Android Malware by Static Analysis on Permissions and Sensitive Functions
    Su, Ming-Yang
    Fung, Kek-Tung
    2016 EIGHTH INTERNATIONAL CONFERENCE ON UBIQUITOUS AND FUTURE NETWORKS (ICUFN), 2016, : 873 - 875
  • [35] ANASTASIA: ANdroid mAlware detection using STAtic analySIs of Applications
    Fereidooni, Hossein
    Conti, Mauro
    Yao, Danfeng
    Sperduti, Alessandro
    2016 8TH IFIP INTERNATIONAL CONFERENCE ON NEW TECHNOLOGIES, MOBILITY AND SECURITY (NTMS), 2016,
  • [36] Android Malware Detection Based on Static Analysis of Characteristic Tree
    Li, Qi
    Li, Xiaoyu
    2015 INTERNATIONAL CONFERENCE ON CYBER-ENABLED DISTRIBUTED COMPUTING AND KNOWLEDGE DISCOVERY, 2015, : 84 - 91
  • [37] Hybrid static/dynamic activity analysis
    Kreaseck, Barbara
    Ramos, Luis
    Easterday, Scott
    Strout, Michelle
    Hovland, Paul
    COMPUTATIONAL SCIENCE - ICCS 2006, PT 4, PROCEEDINGS, 2006, 3994 : 582 - 590
  • [38] An Effective Framework of Behavior Detection-Advanced Static Analysis for Malware Detection
    Louk, Maya
    Lim, Hyotaek
    Lee, HoonJae
    Atiquzzaman, Mohammed
    2014 14th International Symposium on Communications and Information Technologies (ISCIT), 2014, : 361 - 365
  • [39] Malware Detection Using Machine Learning Based on the Combination of Dynamic and Static Features
    Zhao, Jingling
    Zhang, Suoxing
    Liu, Bohan
    Cui, Baojiang
    2018 27TH INTERNATIONAL CONFERENCE ON COMPUTER COMMUNICATION AND NETWORKS (ICCCN), 2018,
  • [40] Hybrid Detection Using Permission Analysis for Android Malware
    Jiao, Haofeng
    Li, Xiaohong
    Zhang, Lei
    Xu, Guangquan
    Feng, Zhiyong
    INTERNATIONAL CONFERENCE ON SECURITY AND PRIVACY IN COMMUNICATION NETWORKS, SECURECOMM 2014, PT I, 2015, 152 : 541 - 545