Opcodes as predictor for malware

Cited by: 176
Author
Bilar, Daniel [1]
Affiliation
[1] Wellesley Coll, Dept Comp Sci, Wellesley, MA 02181 USA
Keywords
x86; opcodes; malware; structural fingerprint; statistical analysis; predictor; executable; frequency;
DOI
10.1504/IJESDF.2007.016865
Chinese Library Classification number
TP [Automation technology, computer technology];
Subject classification code
0812;
Abstract
This paper discusses a detection mechanism for malicious code through statistical analysis of opcode distributions. A total of 67 malware executables were sampled, statically disassembled, and their statistical opcode frequency distribution compared with the aggregate statistics of 20 non-malicious samples. We find that malware opcode distributions differ statistically significantly from non-malicious software. Furthermore, rare opcodes seem to be a stronger predictor, explaining 12-63% of frequency variation.
Pages: 156 - 168
Number of pages: 13
Related papers
50 items in total
  • [1] Using Dalvik Opcodes for Malware Detection on Android
    Gaviria de la Puerta, Jose
    Sanz, Borja
    Santos, Igor
    Garcia Bringas, Pablo
    HYBRID ARTIFICIAL INTELLIGENT SYSTEMS (HAIS 2015), 2015, 9121 : 416 - 426
  • [2] Malware Detection using Opcodes Statistical Features
    Rezaei, Saeid
    Rezaei, Fereidoon
    Afraz, Ali
    Shamani, Mohammad Reza
    2016 8TH INTERNATIONAL SYMPOSIUM ON TELECOMMUNICATIONS (IST), 2016, : 151 - 155
  • [3] Using Dalvik opcodes for malware detection on android
    Gaviria de la Puerta, Jose
    Sanz, Borja
    LOGIC JOURNAL OF THE IGPL, 2017, 25 (06) : 938 - 948
  • [4] Opcodes Histogram for Classifying Metamorphic Portable Executables Malware
    Rad, Babak Bashari
    Masrom, Maslin
    Ibrahim, Suahimi
    2012 INTERNATIONAL CONFERENCE ON E-LEARNING AND E-TECHNOLOGIES IN EDUCATION (ICEEE), 2012, : 209 - 213
  • [5] The Approach for IoT Malware Detection Based on Opcodes Sequences Pattern Mining
    Denysiuk, Dmytro
    Bobrovnikova, Kira
    Lysenko, Sergii
    Savenko, Oleg
    Gaj, Piotr
    Havryliuk, Roman
    Boichuk, Yaroslav
    PROCEEDINGS OF THE 11TH IEEE INTERNATIONAL CONFERENCE ON INTELLIGENT DATA ACQUISITION AND ADVANCED COMPUTING SYSTEMS: TECHNOLOGY AND APPLICATIONS (IDAACS'2021), VOL 2, 2021, : 779 - 784
  • [6] Multiclass Malware Classification Using Either Static Opcodes or Dynamic API Calls
    Chanajitt, Rajchada
    Pfahringer, Bernhard
    Gomes, Heitor Murilo
    Yogarajan, Vithya
    AI 2022: ADVANCES IN ARTIFICIAL INTELLIGENCE, 2022, 13728 : 427 - 441
  • [7] A New Compression Based Method for Android Malware Detection Using Opcodes
    Bakhshinejad, Nazanin
    Hamzeh, Ali
    2017 19TH CSI INTERNATIONAL SYMPOSIUM ON ARTIFICIAL INTELLIGENCE AND SIGNAL PROCESSING (AISP), 2017, : 256 - 261
  • [8] Android malware detection framework based on sensitive opcodes and deep reinforcement learning
    Yang J.
    Gui C.
    Journal of Intelligent and Fuzzy Systems, 2024, 46 (04): : 8933 - 8942
  • [9] Method of Detecting Malware Through Analysis of Opcodes Frequency with Machine Learning Technique
    Woo, Sang-Uk
    Kim, Dong-Hee
    Chung, Tai-Myoung
    ADVANCES IN COMPUTER SCIENCE AND UBIQUITOUS COMPUTING, 2017, 421 : 1019 - 1024
  • [10] A cost analysis of machine learning using dynamic runtime opcodes for malware detection
    Carlin, Domhnall
    O'Kane, Philip
    Sezer, Sakir
    COMPUTERS & SECURITY, 2019, 85 : 138 - 155