Abstract
Recently, malicious software are gaining exponential growth due to the innumerable obfuscations of extended x86 IA-32 (OPcodes) that are being employed to evade from traditional detection methods. In this paper, we design a novel distinguisher to separate malware from benign that combines Multivariate Logistic Regression model using kernel HS in Penalized Splines along with OPcode frequency feature selection technique for efficiently detecting obfuscated malware. The main advantage of our penalized splines based feature selection technique is its performance capability achieved through the efficient filtering and identification of the most important OPcodes used in the obfuscation of malware. This is demonstrated through our successful implementation and experimental results of our proposed model on large malware datasets. The presented approach is effective at identifying previously examined malware and non-malware to assist in reverse engineering.
Original language | English |
---|---|
Title of host publication | Proceedings - 2012 3rd Cybercrime and Trustworthy Computing Workshop, CTC 2012 |
Place of Publication | Los Alamos, CA |
Publisher | Institute of Electrical and Electronics Engineers (IEEE) |
Pages | 38-47 |
Number of pages | 10 |
ISBN (Print) | 9780769549408 |
DOIs | |
Publication status | Published - 2013 |
Externally published | Yes |
Event | 2012 3rd Cybercrime and Trustworthy Computing Workshop, CTC 2012 - Ballarat, VIC, Australia Duration: 29 Oct 2012 → 30 Oct 2012 |
Other
Other | 2012 3rd Cybercrime and Trustworthy Computing Workshop, CTC 2012 |
---|---|
Country/Territory | Australia |
City | Ballarat, VIC |
Period | 29/10/12 → 30/10/12 |