Techniques in Detection and Analyzing Malware Executables: A Review
Abstract
Today, computing has gained a lot of importance in day-to-day life, in areas such as education and entertainment. System security is threatened by malicious software, which serves the malicious intentions of its authors. Malicious software, known as malware, is one of the common problems faced by the Internet today. Tools to detect these threats are available, such as AV scanners, intrusion detection systems, and firewalls. In this paper we discuss various data mining techniques. Several anti-virus systems exist for detecting malware, i.e. malicious code written manually, but these approaches are very expensive and often ineffective. Therefore, there is a need for a data-mining framework that can detect new malicious executables precisely and systematically. This survey paper highlights the techniques used in analyzing and detecting malware data.
Keywords: Malicious Code Detection; Data Mining; Security; Malware; Prediction
Similar resources
A Survey on Techniques in Detection and Analyzing Malware Executables
Computer technology has emerged as a necessity in our day-to-day life to deal with various aspects like education, banking, communication, entertainment etc. Computer systems' security is threatened by weapons named as malware to accomplish the malicious intentions of its writers. Various solutions are available to detect these threats like AV Scanners, Intrusion Detection System, and Firewalls ...
Detecting Packed Executables Based on Raw Binary Data
Packing an executable originally referred to the compression of the file to reduce its size on disk. Nowadays, packing also introduces encryption and anti-debug techniques to protect executables from reverse engineering. This explains why packers are extensively used in creating new malware variants which are not detected by traditional signature-based anti-malware tools. Although universal unp...
PE-Probe: Leveraging Packer Detection and Structural Information to Detect Malicious Portable Executables
The number of executable malware and the sophistication of their destructive ability have exponentially increased in the past couple of years. Malware writers use sophisticated code obfuscation and encryption (a.k.a. packing) techniques to circumvent signatures – derived from the code of the malware for detection – stored in the signatures’ database of commercial off-the-shelf anti-virus software. I...
A Next-Generation Platform for Analyzing Executables
In recent years, there has been a growing need for tools that an analyst can use to understand the workings of COTS components, plugins, mobile code, and DLLs, as well as memory snapshots of worms and virus-infected code. Static analysis provides techniques that can help with such problems; however, there are several obstacles that must
New Approach for Detecting Unknown Malicious Executables
Detection of malicious executables that are known beforehand is usually performed using signature-based techniques. These techniques typically rely on the prior explicit knowledge of the malicious executable code, which in turn is represented by one or more signatures or rules that are stored in a database. The database is frequently updated with new signatures, based on new observations. Th...