Title | Malware Subspecies Detection Method by Suffix Arrays and Machine Learning |
Publication Type | Conference Paper |
Year of Publication | 2021 |
Authors | Kita, Kouhei, Uda, Ryuya |
Conference Name | 2021 55th Annual Conference on Information Sciences and Systems (CISS) |
Keywords | feature extraction, Human Behavior, Information security, machine learning, Malware, malware analysis, malware detection, Metrics, Pattern matching, privacy, pubcrawl, resilience, Resiliency, security, static analysis, virtual environments |
Abstract | Malware such as a metamorphic virus changes its code, so it cannot be detected by pattern matching. Such malware can be detected by surface analysis, dynamic analysis or static analysis. We focused on surface analysis since neither virtual environments nor high-level engineering is required. A representative method in surface analysis is n-gram with machine learning. On the other hand, important features are sometimes cut off by n-gram since n is not variable in some existing methods. Hence, scores of malware detection methods are not perfect. Moreover, creating n-gram features takes a long time for comparing files. Furthermore, in some n-gram methods, invisible malware can be created when the methods are known to attackers. Therefore, we proposed a new malware subspecies detection method by suffix arrays and machine learning. We evaluated the method with four real malware subspecies families and succeeded in classifying them with almost 100% accuracy. |
DOI | 10.1109/CISS50987.2021.9400219 |
Citation Key | kita_malware_2021 |