Title
IMAD: in-execution malware analysis and detection
Abstract
The sophistication of computer malware is becoming a serious threat to the information technology infrastructure, which is the backbone of modern e-commerce systems. We therefore advocate the need for developing sophisticated, efficient, and accurate malware classification techniques that can detect malware on the first day of its launch, commonly known as "zero-day malware detection". To this end, we present a new technique, IMAD, that can not only identify zero-day malware without any a priori knowledge but can also detect a malicious process while it is executing (in-execution detection). The capability of in-execution malware detection empowers an operating system to kill the malicious process immediately, before it can cause any significant damage. IMAD is a real-time, dynamic, efficient, in-execution zero-day malware detection scheme, which analyzes the system call sequence of a process to classify it as malicious or benign. We use a genetic algorithm to optimize the system parameters of our scheme. The evolutionary algorithm is evaluated on real-world synthetic data extracted from a Linux system. The results of our experiments show that IMAD achieves more than 90% accuracy in classifying in-execution processes as benign or malicious. Moreover, our scheme can classify approximately 50% of malicious processes within the first 20% of their system calls.
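The abstract describes the shape of the scheme (classify a process from the system calls it has issued so far, stop it early, and tune the scheme's parameters with a genetic algorithm) but not its scoring rule or parameters. The following Python is an added illustration of that shape and is not the IMAD authors' code: the score (share of n-grams issued so far that never occur in benign traces), the fitness function, the GA settings, the class and function names (OnlineClassifier, early_detection_rate, fitness, evolve) and every trace are assumptions constructed for the example, not real captures or the paper's data. It reports, for each verdict, what fraction of the trace had been consumed, which is the quantity behind the abstract's "within the first 20% of their system calls" figure.

```python
"""In-execution syscall-sequence classification with GA-tuned parameters.
Added example, not the IMAD authors' code: the scoring rule (share of unseen
n-grams so far), the fitness function and all traces are assumptions."""
import random

def ngrams(trace, n):
    """All length-n windows over a sequence of syscall names."""
    return [tuple(trace[i:i + n]) for i in range(len(trace) - n + 1)]

class OnlineClassifier:
    """Flags a process while it is still issuing syscalls.  Model: the set of
    n-grams seen in benign training traces.  After each syscall the score is the
    fraction of n-grams issued so far that are unseen; flag once score >= threshold."""

    def __init__(self, benign_traces, n, threshold):
        self.n, self.threshold = n, threshold
        self.known = {g for t in benign_traces for g in ngrams(t, n)}

    def classify(self, trace):
        """Feed syscalls one at a time; return (verdict, fraction of trace consumed)."""
        unseen = total = 0
        for i in range(len(trace)):
            if i + 1 < self.n:
                continue  # not enough history for a full n-gram yet
            total += 1
            if tuple(trace[i + 1 - self.n:i + 1]) not in self.known:
                unseen += 1
            if unseen / total >= self.threshold:
                return "malicious", (i + 1) / len(trace)
        return "benign", 1.0

def early_detection_rate(clf, malicious_traces, budget=0.2):
    """Share of malicious traces flagged within the first `budget` of their calls
    (the metric the abstract reports as 'within the first 20% of system calls')."""
    hits = 0
    for t in malicious_traces:
        verdict, frac = clf.classify(t)
        hits += verdict == "malicious" and frac <= budget
    return hits / len(malicious_traces)

def fitness(params, benign_train, labelled):
    """Accuracy on labelled traces plus a bonus for verdicts reached early."""
    clf = OnlineClassifier(benign_train, *params)
    correct, earliness = 0, []
    for trace, label in labelled:
        verdict, frac = clf.classify(trace)
        correct += verdict == label
        if label == verdict == "malicious":
            earliness.append(1.0 - frac)
    bonus = sum(earliness) / len(earliness) if earliness else 0.0
    return correct / len(labelled) + 0.5 * bonus

def evolve(benign_train, labelled, pop_size=20, generations=30, seed=7):
    """Small elitist GA over (n-gram length, threshold). Returns (best, history),
    where history holds the best fitness per generation and never decreases."""
    rng = random.Random(seed)
    score = lambda ind: fitness(ind, benign_train, labelled)
    pop = [(rng.choice((2, 3)), round(rng.uniform(0.05, 0.95), 3)) for _ in range(pop_size)]
    history = []
    for _ in range(generations):
        pop.sort(key=score, reverse=True)
        history.append(score(pop[0]))
        children = pop[:2]  # elitism: the two best survive unchanged
        while len(children) < pop_size:
            a, b = rng.sample(pop[:pop_size // 2], 2)  # truncation selection
            child = (rng.choice((a[0], b[0])), rng.choice((a[1], b[1])))  # uniform crossover
            if rng.random() < 0.3:  # mutate the threshold, clipped to the search range
                child = (child[0], round(min(0.95, max(0.05, child[1] + rng.gauss(0, 0.1))), 3))
            if rng.random() < 0.1:  # mutate the n-gram length
                child = (rng.choice((2, 3)), child[1])
            children.append(child)
        pop = children
    pop.sort(key=score, reverse=True)
    history.append(score(pop[0]))
    return pop[0], history

# Constructed sample traces (syscall names only, not real captures).
BENIGN_TRAIN = [
    "execve brk mmap openat fstat read read close write exit_group".split(),
    "execve brk mmap openat fstat read close socket connect sendto recvfrom close exit_group".split(),
    "execve brk mmap openat write write fsync close munmap exit_group".split(),
]
# Malicious: benign-looking start, then process injection via ptrace/mprotect.
M0 = "execve brk mmap openat fstat read close ptrace ptrace mprotect ptrace write mprotect ptrace close exit_group".split()
M1 = "execve brk mmap socket connect recvfrom mprotect mmap ptrace ptrace mprotect sendto exit_group".split()
LABELLED = [(t, "benign") for t in BENIGN_TRAIN] + [(M0, "malicious"), (M1, "malicious")]
# Held-out: the benign trace recombines known patterns; the malicious one injects late.
B_TEST = "execve brk mmap openat fstat read read close socket connect sendto recvfrom close exit_group".split()
M_TEST = "execve brk mmap openat fstat read close mprotect ptrace ptrace write ptrace exit_group".split()

if __name__ == "__main__":
    best, hist = evolve(BENIGN_TRAIN, LABELLED)
    clf = OnlineClassifier(BENIGN_TRAIN, *best)
    print("evolved (n, threshold):", best, "fitness:", round(hist[-1], 3))
    print("held-out benign:", clf.classify(B_TEST), "held-out malicious:", clf.classify(M_TEST))
    print("malicious flagged within first 20% of calls:", early_detection_rate(clf, [M0, M1, M_TEST]))
```

Two caveats a practitioner would attach to this toy: the benign traces used to build the n-gram set are also in the labelled set that scores fitness, so the GA can only learn from the malicious traces and from how early it flags them; with real data, fitness should be computed on benign traces held out from model building, otherwise the threshold is tuned against a false-positive rate of zero that will not survive contact with new benign programs. And a set-membership model over short n-grams is easy to evade by mimicry (padding the malicious calls with benign-looking sequences), which is why the fraction of the trace consumed before a verdict matters: the later the decision, the more room an adversary has to dilute the score.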
Year
2009
DOI
10.1145/1569901.1570109
Venue
GECCO
Keywords
modern e-commerce system, zero-day malware, accurate malware classification technique, in-execution malware analysis, malicious process, operating system, linux system, in-execution malware detection, zero-day malware detection, computer malware, system call, evolutionary algorithm, e commerce, classification, malware, genetic algorithm, synthetic data
Field
Cryptovirology, Evolutionary algorithm, Computer science, A priori and a posteriori, System call, Synthetic data, Artificial intelligence, Malware, Machine learning, Genetic algorithm, Malware analysis
DocType
Conference
Citations
19
PageRank
1.41
References
6
Authors
3
Name                Order  Citations  PageRank
Syed Bilal Mehdi    1      19         1.41
Ajay Kumar Tanwani  2      66         9.07
Muddassar Farooq    3      1221       83.47