Skip to main content
SpringerLink
Log in

PE File-Based Malware Detection Using Machine Learning

  • Conference paper
  • First Online:
Proceedings of International Conference on Artificial Intelligence and Applications

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 1164))

Abstract

In current times, malware writers write more progressive sophisticatedly designed malware in order to target the user. Therefore, one of the most cumbersome tasks for the cyber industry is to deal with this ever-increasing number of progressive malware. Traditional security solutions such as anti-viruses and anti-malware fail to detect these advanced types of malware because the majority of this malware are refined versions of their predecessor. Moreover, these solutions consume lots of computational resources on the host to accomplish their operations. Further, malware evades these security solutions by using intelligent approaches such as code encryption, obfuscation and polymorphism. Therefore, to provide alternatives to these solutions, this paper discusses the existing malware analysis and detection techniques in a comprehensive/holistic manner.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Wikipedia 2019 Retrieved on 5 July website: https://en.wikipedia.org/wiki/Malware

  2. Website, https://blog.malwarebytes.com/malwarebytes-news/ctntreport/2019/01/2019-state-malware-report-trojans-cryptominers-dominate-threat-landscape/

  3. IT Threat Evolution Q1 2019 Statistics, website: https://securelist.com/it-threat-evolution-q1-2019-statistics/90916/. Accessed on 02 July 2019

  4. AV-Test IT Security Institute website: https://www.av-test.org/en/statistics/malware/

  5. Website, https://securelist.com/mobile-malware-evolution-2018/89689/

  6. Y. Ye, T. Li, D. Adjeroh, S.S. Iyengar, A survey on malware detection using data mining techniques. ACM Comput. Surv. (CSUR) 50(3), 41 (2017)

    Google Scholar 

  7. IDA Pro website, https://www.hex-rays.com/products/ida/index.shtml

  8. OllyDbg website, http://www.ollydbg.de/

  9. OllyDump website, http://www.openrce.org/downloads/details/108/ollydump

  10. LordPE website, https://www.aldeid.com/wiki/LordPE

  11. A. Moser, C. Kruegel, E. Kirda, Limits of static analysis for malware detection, in Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007). IEEE (2007), pp. 421–430

    Google Scholar 

  12. M. Egele, T. Scholte, E. Kirda, C. Kruegel, A survey on automated dynamic malware-analysis techniques and tools. ACM Comput. Surv. (CSUR) 44(2), 6 (2012)

    Google Scholar 

  13. M. Eskandari, Z. Khorshidpour, S. Hashemi, HDM-Analyser: a hybrid analysis approach based on data mining techniques for malware detection. J. Comput. Virol. Hack. Techn. 9(2), 77–93 (2013)

    Article  Google Scholar 

  14. Stat counter Website, https://gs.statcounter.com/os-marketshare/desktop/worldwide

  15. M.G. Schultz, E. Eskin, F. Zadok, S.J. Stolfo, Data mining methods for detection of new malicious executables, in Proceedings 2001 IEEE Symposium on Security and Privacy. S&P(2001). IEEE (2001), pp. 38–49

    Google Scholar 

  16. B. Anderson, D. Quist, J. Neil, C. Storlie, T. Lane, Graph-based malware detection using dynamic analysis. J. Comput. Virol. 7(4), 247–258 (2011)

    Article  Google Scholar 

  17. M. Eskandari, Z. Khorshidpour, S. Hashemi, Hdm-analyser: a hybrid analysis approach based on data mining techniques for malware detection. J. Comput. Virol. Hack. Tech. 9(2), 77–93 (2013)

    Article  Google Scholar 

  18. P. Khodamoradi, M. Fazlali, F. Mardukhi, M. Nosrati, Heuristic metamorphic malware detection based on statistics of assembly instructions using classification algorithms, in 18th CSI International Symposium on Computer Architecture and Digital Systems (CADS). IEEE (2015), pp. 1–6

    Google Scholar 

  19. C. LeDoux, A. Lakhotia, Malware and machine learning, in Intelligent Methods for Cyber Warfare (Springer, Cham, 2015), pp. 1–42

    Google Scholar 

  20. G. Liang, J. Pang, C. Dai, A behavior-based malware variant classification technique. Int. J. Inf. Educ. Technol. 6(4) (2016)

    Google Scholar 

  21. D. Ucci, L. Aniello, R. Baldoni, Survey of machine learning techniques for malware analysis. Comput. Secur. (2018)

    Google Scholar 

  22. E. Gandotra, D. Bansal, S. Sofat, Zero-day malware detection, in Sixth International Symposium on Embedded Computing and System Design (IEEE, 2016), pp. 171–175

    Google Scholar 

  23. A. Damodaran, F. Di Troia, C.A. Visaggio, T.H. Austin, M.A. Stamp, Comparison of static, dynamic, and hybrid analysis for malware detection. J. Comput. Virol. Hack. Tech. 13(1), 1–12 (2017)

    Google Scholar 

  24. Q.K.A. Mirza, I. Awan, M. Younas, CloudIntell: an intelligent malware detection system. Fut. Gen. Comput. Syst. 86, 1042–1053 (2018)

    Google Scholar 

  25. A. Souri, R.A. Hosseini, State-of-the-art survey of malware detection approaches using data mining techniques. HCIS 8(1), 3 (2018)

    Google Scholar 

  26. K. Sethi, S.K. Chaudhary, B.k. Tripathy, P. Bera, A novel malware analysis framework for malware detection and classification using machine learning approach, in Proceedings of the 19th International Conference on Distributed Computing and Networking (ACM, 2018), p. 49

    Google Scholar 

  27. D. Carlin, P. O’Kane, S. Sezer, Dynamic analysis of malware using run-time opcodes, in Data analytics and decision support for cybersecurity (Springer, Cham, 2017), pp. 99–125

    Google Scholar 

  28. A.P. Namanya, I.U. Awan, J.P. Disso, M. Younas, Similarity hash-based scoring of portable executable files for efficient malware detection in IoT. Fut. Gen. Comput. Syst. (2019)

    Google Scholar 

  29. E. Raff, C. Nicholas, An alternative to NCD for large sequences, Lempel-Ziv Jaccard distance, in Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (ACM, 2017), pp. 1007–1015

    Google Scholar 

  30. P. Vadrevu, R. Perdisci, MAXS: scaling malware execution with sequential multi-hypothesis testing, in Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security (ACM, 2016), pp. 771–782

    Google Scholar 

  31. M. Polino, A. Scorti, F. Maggi, S. Zanero, Jackdaw: towards automatic reverse engineering of large datasets of binaries, in International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (Springer, Cham, 2015), pp. 121–143

    Google Scholar 

  32. N. Miramirkhani, M.P. Appini, N. Nikiforakis, M. Polychronakis, Spotless sandboxes: evading malware analysis systems using wear-and-tear artifacts, in IEEE Symposium on Security and Privacy (SP) (IEEE, 2017), pp. 1009–1024

    Google Scholar 

  33. T. Blazytko, M. Contag, C. Aschermann, T. Holz, Syntia: synthesizing the semantics of obfuscated code, in 26th {USENIX} Security Symposium (2017), pp. 643–659

    Google Scholar 

  34. R. Jordaney, K. Sharad, S.K. Dash, Z. Wang, D. Papini, I. Nouretdinov, L. Cavallaro, Transcend: detecting concept drift in malware classification models, in 26th Security Symposium ({USENIX} Security 2017) (2017), pp. 625–642

    Google Scholar 

  35. K. Huang, Y. Ye, Q. Jiang, Ismcs: an intelligent instruction sequence based malware categorization system, in: Anti-counterfeiting, Security, and Identification in Communication (IEEE, 2009), pp. 509–512

    Google Scholar 

  36. X. Hu, K. G. Shin, S. Bhatkar, K. Griffin, Mutantx-s: scalable malware clustering based on static features, in USENIX Annual Technical Conference (2013), pp. 187–198

    Google Scholar 

  37. P. O’Kane, S. Sezer, K. McLaughlin, E.G. Im, SVM training phase reduction using dataset feature filtering for malware detection. IEEE Trans. Inf. Forens. Secur. 8(3), 500–509 (2013)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer Science and Engineering Department, The NorthCap University, Gurugram, India

    Namita &  Prachi

Authors
  1. Namita
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Prachi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Prachi .

Editor information

Editors and Affiliations

  1. Department of Computer Science and Engineering, Maharaja Surajmal Institute of Technology, New Delhi, India

    Poonam Bansal

  2. Department of Electrical and Electronics Engineering, Maharaja Surajmal Institute of Technology, New Delhi, India

    Meena Tushir

  3. Department of Automation and Applied Software, Aurel Vlaicu University of Arad, Arad, Romania

    Valentina Emilia Balas

  4. Department of Computer Science and Engineering, Indian Institute of Technology (BHU), Varanasi, India

    Rajeev Srivastava

Rights and permissions

Reprints and permissions

Copyright information

© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Namita, Prachi (2021). PE File-Based Malware Detection Using Machine Learning. In: Bansal, P., Tushir, M., Balas, V., Srivastava, R. (eds) Proceedings of International Conference on Artificial Intelligence and Applications. Advances in Intelligent Systems and Computing, vol 1164. Springer, Singapore. https://doi.org/10.1007/978-981-15-4992-2_12

Download citation

Publish with us

Policies and ethics

Search

Navigation