Role-opcode vs. Opcode: the New method in Computer Malware Detection

One of the common methods in the area of combating with malwares is the use of opcodes-sequence exist in the malwares' assembly code. In this study, a new method has been used based on the structural classification of opcodes to detect malwares and its efficiency has also been put into investigation compared to the opcodes method. For this purpose, two different methods are to be applied for eliciting the content-based features of the assembly files. Two approaches were, then, analyzed on an equal basis using different classifications. The results, thereof, have indicated that the efficiency and the accuracy of different classifications do not decrease by using structural classification of opcodes. Additionally, the number of features, computational complexity, the time and the memory consumption would dramatically be decreased.