ANALYSIS OF PACKED METAMORPHIC MALWARE


Published: 2017-04-24

Page: 237-244


ANKUR SINGH BIST *

Department of Computer Science and Engineering, SVU, India.

ANUJ SHARMA

Department of Computer Science and Engineering, SVU, India.

*Author to whom correspondence should be addressed.


Abstract

Malware attempts to conceal its behaviour using obfuscation techniques. Packing is one of the techniques widely used by malware designers. In this paper, we propose a novel method for classifying packed metamorphic malware samples. First, we normalize entropy values using symbolic aggregate approximation (SAX). Second, we extract sector-wise byte patterns. Third, we fuse the features obtained from the previous two steps. In this study, LAD Tree, Naive Bayes, SVM and ANN (Artificial Neural Network) are used for classification. The results obtained show that our proposed approach provides significant accuracy. Satisfactory experimental results show the importance of the proposed method for packed metamorphic malware classification. Further, it is recommended that this approach be utilized in commercial antivirus engines.

Keywords: Entropy analysis, obfuscation, packing, symbolic aggregate analysis (SAX).
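
The first step of the abstract, entropy values normalized with SAX, can be sketched as follows. This is an added example, not the authors' code: the 256-byte block size, the 4-letter alphabet, the 8 PAA segments and the sample buffer are all assumptions chosen for illustration, since the abstract does not give the paper's parameters.

```python
import math
import random
import statistics
from collections import Counter

BREAKPOINTS = (-0.6745, 0.0, 0.6745)  # quartiles of N(0,1): 4 equiprobable bins
ALPHABET = "abcd"                     # assumed alphabet size of 4

def block_entropies(data: bytes, block_size: int = 256) -> list:
    """Shannon entropy in bits per byte (0..8) of each fixed-size block."""
    out = []
    for off in range(0, len(data), block_size):
        block = data[off:off + block_size]
        n = len(block)
        out.append(-sum(c / n * math.log2(c / n) for c in Counter(block).values()))
    return out

def sax_word(series, segments: int) -> str:
    """Z-normalise, average into `segments` PAA frames, map each to a letter."""
    if not 1 <= segments <= len(series):
        raise ValueError("segments must be between 1 and len(series)")
    mu, sigma = statistics.fmean(series), statistics.pstdev(series)
    # A flat series has no shape to encode; treat every point as the mean.
    z = [0.0 if sigma == 0 else (x - mu) / sigma for x in series]
    word = []
    for i in range(segments):
        frame = z[i * len(z) // segments:(i + 1) * len(z) // segments]
        # Letter index = number of breakpoints the frame mean exceeds.
        word.append(ALPHABET[sum(statistics.fmean(frame) > b for b in BREAKPOINTS)])
    return "".join(word)

def constructed_sample() -> bytes:
    """Constructed buffer: 2 KiB of repetitive bytes, then 2 KiB of seeded
    pseudo-random bytes standing in for a packed (compressed) region."""
    rng = random.Random(0)
    plain = b"MZ\x90\x00" * 512
    packed_like = bytes(rng.getrandbits(8) for _ in range(2048))
    return plain + packed_like

if __name__ == "__main__":
    entropies = block_entropies(constructed_sample())
    print([round(e, 2) for e in entropies])
    print(sax_word(entropies, segments=8))
```

The resulting word is a short, fixed-length symbolic feature: the jump from low letters to high letters marks where the high-entropy region begins, independent of the absolute entropy values.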


How to Cite

BIST, A. S., & SHARMA, A. (2017). ANALYSIS OF PACKED METAMORPHIC MALWARE. Asian Journal of Mathematics and Computer Research, 17(4), 237–244. Retrieved from https://ikprress.org/index.php/AJOMCOR/article/view/972
