Optimizing Detection of Malware Attacks through Graph-Based Approach

Title: Optimizing Detection of Malware Attacks through Graph-Based Approach
Publication Type: Conference Paper
Year of Publication: 2017
Authors: Muthumanickam, K., Ilavarasan, E.
Conference Name: 2017 International Conference on Technical Advancements in Computers and Communications (ICTACC)
Keywords: API graph-based model, API hook, application program interfaces, application programming interface, Attack Graphs, code obfuscation technique, communication technology, composability, Computational modeling, computer viruses, Computers, digital signatures, graph comparison, graph partition, graph theory, graph-based approach, graph-generation, Graph-model, hook attacks, Host-based, invasive software, Kernel, malicious code execution, malicious system call, Malware, malware attacks, Metrics, Monitoring, optimisation, Optimization, pubcrawl, resilience, Resiliency, signature-based model, Tools
Abstract

Today, advances in communication technology permit a malware author to introduce code obfuscation techniques, for example, Application Programming Interface (API) hooks, to make detecting the footprints of their code more difficult. A signature-based model such as antivirus software is not effective against such attacks. In this paper, an API graph-based model is proposed with the objective of detecting hook attacks during malicious code execution. The proposed model incorporates techniques such as graph-generation, graph partition and graph comparison to distinguish a legitimate system call from a malicious system call. The simulation results confirm that the proposed model outperforms existing approaches.

URL: https://ieeexplore.ieee.org/document/8067582/
DOI: 10.1109/ICTACC.2017.31
Citation Key: muthumanickam_optimizing_2017