Detecting Malware Activities With MalpMiner: A Dynamic Analysis Approach

Cited by: 2
Authors
Abdelwahed, Mustafa F. [1 ,2 ]
Kamal, Mustafa M. [2 ]
Sayed, Samir G. [2 ,3 ]
Affiliations
[1] Helwan Univ, Fac Engn, Dept Comp & Syst Engn, Cairo 11792, Egypt
[2] Natl Telecom Regulatory Author NTRA, Egyptian Comp Emergency Readiness Team EG CERT, Cairo 12971, Egypt
[3] Helwan Univ, Fac Engn, Dept Elect & Commun Engn, Cairo 11792, Egypt
Keywords
Cybersecurity; artificial intelligence; answer set programming; malware behaviour detection; logic programming; emulation
DOI
10.1109/ACCESS.2023.3266562
CLC number
TP [Automation technology, computer technology]
Discipline code
0812
Abstract
Day by day, malware as a service becomes more popular and easier to acquire, allowing anyone to launch an attack without any technical background, which in turn introduces challenges for detecting such attacks. One of these challenges is detecting malware activities early, to prevent as much harm as possible. This paper presents a trusted dynamic analysis approach based on Answer Set Programming (ASP): a logic-inference engine named Malware-Logic-Miner (MalpMiner). ASP is a nonmonotonic reasoning engine built on an open-world assumption, which allows MalpMiner to apply commonsense reasoning when capturing the malware activities of any given binary. Furthermore, MalpMiner requires no prior training; it can therefore be scaled up quickly to cover more malware-attack attributes. Moreover, MalpMiner considers the values passed to the invoked application programming interfaces (APIs), resulting in correct malware behaviour modelling. Baseline experiments confirm the correctness of MalpMiner in recognizing malware activities, and MalpMiner achieved a detection ratio of 99% with a false-positive rate below 1% while maintaining low computational cost and explaining each detection decision.
Pages: 84772-84784
Page count: 13
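The abstract's key design point, that detection rules consider the argument and return values of the invoked APIs rather than API names alone, can be illustrated with a small Python matcher. This is an added example and not MalpMiner's code or its rule set: it uses plain backtracking over shared logic variables instead of an ASP solver, and the API trace, the assumption that the sandbox logs out-parameters such as phkResult, the access-mask constants and the rule names are all constructed for the example.

```python
# Value-aware behaviour rules over a dynamic API trace (added illustration, not
# MalpMiner's code or rule set; trace, argument logging and rule names are constructed).
from dataclasses import dataclass
from typing import Any, Callable, Optional

@dataclass(frozen=True)
class Call:
    seq: int               # position in the trace
    api: str               # API name as logged by the sandbox
    args: dict[str, Any]   # logged in/out arguments
    ret: Any               # logged return value

def step(api: str, *, arg_vars: Optional[dict[str, str]] = None,
         ret_var: Optional[str] = None,
         where: Optional[Callable[[Call], bool]] = None) -> tuple:
    """arg_vars maps logic variable -> argument name; ret_var binds the return value.
    A variable that is already bound must equal the logged value (logic-variable sharing)."""
    arg_vars = arg_vars or {}
    def unify(call: Call, bound: dict[str, Any]) -> Optional[dict[str, Any]]:
        new = dict(bound)
        pairs = [(var, call.args.get(name)) for var, name in arg_vars.items()]
        if ret_var is not None:
            pairs.append((ret_var, call.ret))
        for var, value in pairs:
            if var in new and new[var] != value:
                return None  # conflicting value: not the same handle/address
            new[var] = value
        if where is not None and not where(call):
            return None
        return new
    return (api, unify)

def match_rule(steps: list, trace: list[Call]) -> Optional[list[Call]]:
    """Depth-first search for calls, in increasing seq order, satisfying every step
    under one consistent binding; returns the matched calls (the explanation) or None."""
    def search(i: int, start: int, bound: dict[str, Any], chosen: list[Call]):
        if i == len(steps):
            return chosen
        api, unify = steps[i]
        for idx in range(start, len(trace)):
            if trace[idx].api != api:
                continue
            new = unify(trace[idx], bound)
            if new is None:
                continue
            found = search(i + 1, idx + 1, new, chosen + [trace[idx]])
            if found is not None:
                return found
        return None
    return search(0, 0, {}, [])

PROCESS_VM_WRITE, PROCESS_CREATE_THREAD, PAGE_EXECUTE_READWRITE = 0x20, 0x02, 0x40
INJECT_ACCESS = PROCESS_VM_WRITE | PROCESS_CREATE_THREAD

RULES = {
    "remote_thread_injection": [
        step("OpenProcess", ret_var="H",
             where=lambda c: (c.args["dwDesiredAccess"] & INJECT_ACCESS) == INJECT_ACCESS),
        step("VirtualAllocEx", arg_vars={"H": "hProcess"}, ret_var="ADDR",
             where=lambda c: c.args["flProtect"] == PAGE_EXECUTE_READWRITE),
        step("WriteProcessMemory", arg_vars={"H": "hProcess", "ADDR": "lpBaseAddress"}),
        step("CreateRemoteThread", arg_vars={"H": "hProcess", "ADDR": "lpStartAddress"}),
    ],
    "run_key_persistence": [
        # phkResult is the out-parameter key handle; assumed to be logged by the sandbox
        step("RegCreateKeyExA", arg_vars={"K": "phkResult"},
             where=lambda c: c.args["lpSubKey"].lower().endswith(r"currentversion\run")),
        step("RegSetValueExA", arg_vars={"K": "hKey"}),
    ],
}

def analyse(trace: list[Call]) -> dict[str, list[int]]:
    """Map each matched rule name to the seq numbers of the calls that prove it."""
    report = {}
    for name, steps in RULES.items():
        found = match_rule(steps, trace)
        if found is not None:
            report[name] = [c.seq for c in found]
    return report

# Constructed trace 1: remote-thread injector that also installs a Run-key entry.
INJECTOR = [
    Call(1, "OpenProcess", {"dwDesiredAccess": 0x1F0FFF, "dwProcessId": 4312}, 0x2A8),
    Call(2, "VirtualAllocEx", {"hProcess": 0x2A8, "dwSize": 4096, "flProtect": 0x40}, 0x7FF6A0000000),
    Call(3, "WriteProcessMemory", {"hProcess": 0x2A8, "lpBaseAddress": 0x7FF6A0000000, "nSize": 312}, 1),
    Call(4, "CreateRemoteThread", {"hProcess": 0x2A8, "lpStartAddress": 0x7FF6A0000000}, 0x2B4),
    Call(5, "RegCreateKeyExA", {"hKey": 0x80000001, "lpSubKey": r"Software\Microsoft\Windows\CurrentVersion\Run", "phkResult": 0x1C0}, 0),
    Call(6, "RegSetValueExA", {"hKey": 0x1C0, "lpValueName": "Updater", "lpData": r"C:\Users\u\AppData\Roaming\upd.exe"}, 0),
]
# Constructed trace 2: same API names in the same order, but the OpenProcess handle is
# never used; allocation, write and thread target the caller's own process through the
# pseudo-handle -1, as a JIT or unpacker does. A name-only matcher flags it; this one does not.
SELF_JIT = [
    Call(1, "OpenProcess", {"dwDesiredAccess": 0x1F0FFF, "dwProcessId": 4312}, 0x2A8),
    Call(2, "VirtualAllocEx", {"hProcess": -1, "dwSize": 4096, "flProtect": 0x40}, 0x1F000000),
    Call(3, "WriteProcessMemory", {"hProcess": -1, "lpBaseAddress": 0x1F000000, "nSize": 312}, 1),
    Call(4, "CreateRemoteThread", {"hProcess": -1, "lpStartAddress": 0x1F000000}, 0x2B4),
]

if __name__ == "__main__":
    print(analyse(INJECTOR), analyse(SELF_JIT))
```

The returned seq lists are the explanation of each verdict: they name exactly the calls whose values satisfied the rule, which is what a rule-based approach can offer that a trained classifier cannot. Extending coverage means adding a rule, not retraining; the price is that every rule has to be written and checked by hand against benign traces such as SELF_JIT.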