A comparison of static, dynamic, and hybrid analysis for malware detection

Cited by: 203
Authors
Damodaran A. [1]
Troia F.D. [2]
Visaggio C.A. [2]
Austin T.H. [1]
Stamp M. [1]
Affiliations
[1] Department of Computer Science, San Jose State University, San Jose
[2] Department of Engineering, Università degli Studi del Sannio, Benevento
Keywords
Receiver Operating Characteristic Curve; Hidden Markov Model; Control Flow Graph; Precision Recall Curve; Signature Base Detection
DOI
10.1007/s11416-015-0261-z
Abstract
In this research, we compare malware detection techniques based on static, dynamic, and hybrid analysis. Specifically, we train Hidden Markov Models (HMMs) on both static and dynamic feature sets and compare the resulting detection rates over a substantial number of malware families. We also consider hybrid cases, where dynamic analysis is used in the training phase, with static techniques used in the detection phase, and vice versa. In our experiments, a fully dynamic approach generally yields the best detection rates. We discuss the implications of this research for malware detection based on hybrid techniques. © 2015, Springer-Verlag France.
Pages: 1 / 12
Page count: 11
Related papers
50 in total
  • [41] Static Malware Detection with Segmented Sandboxing
    Qiu, Hongyuan
    Osorio, Fernando C. Colon
    PROCEEDINGS OF THE 2013 8TH INTERNATIONAL CONFERENCE ON MALICIOUS AND UNWANTED SOFTWARE: THE AMERICAS (MALWARE), 2013, : 132 - 141
  • [42] Toward Extracting Malware Features for Classification using Static and Dynamic Analysis
    Choi, Young Han
    Han, Byoung Jin
    Bae, Byung Chul
    Oh, Hyung Geun
    Sohn, Ki Wook
    2012 8TH INTERNATIONAL CONFERENCE ON COMPUTING AND NETWORKING TECHNOLOGY (ICCNT, INC, ICCIS AND ICMIC), 2012, : 126 - 129
  • [43] An Android malware static detection model
    Yang H.-Y.
    Xu J.
    Jilin Daxue Xuebao (Gongxueban)/Journal of Jilin University (Engineering and Technology Edition), 2018, 48 (02): : 564 - 570
  • [44] Static and Dynamic Malware Behavioral Analysis Based on Arm Based Board
    Saxena, Utkarsh
    Bachhan, Om Prakash
    Majumdar, Rana
    2015 2ND INTERNATIONAL CONFERENCE ON COMPUTING FOR SUSTAINABLE GLOBAL DEVELOPMENT (INDIACOM), 2015, : 272 - 277
  • [45] Detecting Cryptomining Malware: a Deep Learning Approach for Static and Dynamic Analysis
    Darabian, Hamid
    Homayounoot, Sajad
    Dehghantanha, Ali
    Hashemi, Sattar
    Karimipour, Hadis
    Parizi, Reza M.
    Choo, Kim-Kwang Raymond
    JOURNAL OF GRID COMPUTING, 2020, 18 (02) : 293 - 303
  • [46] Static and Dynamic Analysis of Android Malware and Goodware Written with Unity Framework
    Shim, Jaewoo
    Lim, Kyeonghwan
    Cho, Seong-je
    Han, Sangchul
    Park, Minkyu
    SECURITY AND COMMUNICATION NETWORKS, 2018,
  • [47] Detecting Cryptomining Malware: a Deep Learning Approach for Static and Dynamic Analysis
    Hamid Darabian
    Sajad Homayounoot
    Ali Dehghantanha
    Sattar Hashemi
    Hadis Karimipour
    Reza M. Parizi
    Kim-Kwang Raymond Choo
    Journal of Grid Computing, 2020, 18 : 293 - 303
  • [48] Enhanced Dynamic Analysis for Malware Detection With Gradient Attack
    Yan, Pei
    Tan, Shunquan
    Wang, Miaohui
    Huang, Jiwu
    IEEE SIGNAL PROCESSING LETTERS, 2024, 31 : 2825 - 2829
  • [49] Using N-Gram Variations in Static Analysis for Malware Detection
    Radovancovici, Marco
    Galis, Darius
    Pungila, Ciprian
    2022 24TH INTERNATIONAL SYMPOSIUM ON SYMBOLIC AND NUMERIC ALGORITHMS FOR SCIENTIFIC COMPUTING, SYNASC, 2022, : 195 - 199
  • [50] Fuzzy-import hashing: A static analysis technique for malware detection
    Naik, Nitin
    Jenkins, Paul
    Savage, Nick
    Yang, Longzhi
    Boongoen, Tossapon
    Iam-On, Natthakan
    FORENSIC SCIENCE INTERNATIONAL-DIGITAL INVESTIGATION, 2021, 37