Malware detection model based on classifying system calls and code attributes: a proof of concept

Malik F. Saleh

doi:10.1504/IJESDF.2019.098772

Back

Journal article

Malware detection model based on classifying system calls and code attributes: a proof of concept

Malik F. Saleh

International journal of electronic security and digital forensics, Vol.11(2), pp.183-193

01/01/2019

DOI: https://doi.org/10.1504/IJESDF.2019.098772

Abstract

Computer Science

Computer Science, Information Systems

Science & Technology

Technology

The process of malware detection involves static code analysis and dynamic analysis. Both methods have limitations. This research tried to bridge the gap between the two methods by dynamically predicting the risk before the static analysis. The proof-of-concept examined the code of known malwares and concluded that five characteristics of the code will predict the risk of any executable file, namely, the system function, encryption, code obfuscation, stalling code, and checking for the debugger environment. The proof-of-concept validates the effectiveness of the model. It shows 96% success and limited false-positives results.

Metrics

1 Record Views

Details

Title: Malware detection model based on classifying system calls and code attributes: a proof of concept
Creators - without role: Malik F. Saleh - Prince Mohammad bin Fahd University
Publication Details: International journal of electronic security and digital forensics, Vol.11(2), pp.183-193
Publisher: Inderscience Enterprises Ltd
Number of pages: 11
Grant note: Office of Research Development at Prince Mohammad Bin Fahd University (PMU)
Identifiers: 9925199708331
Academic Unit: Prince Mohammad Bin Fahd University
Language: English
Resource Type: Journal article