Metamorphic Malware Behavior Analysis Using Sequential Pattern Mining

Cited by: 0
Authors
Nawaz, M. Saqib [1 ]
Fournier-Viger, Philippe [1 ]
Nawaz, M. Zohaib [2 ]
Chen, Guoting [3 ]
Wu, Youxi [4 ]
Affiliations
[1] Harbin Inst Technol Shenzhen, Sch Humanities & Social Sci, Shenzhen, Peoples R China
[2] Univ Sargodha, Dept Comp Sci & IT, Sargodha, Pakistan
[3] Harbin Inst Technol Shenzhen, Sch Sci, Shenzhen, Peoples R China
[4] Hebei Univ Technol, Dept Comp Sci & Engn, Tianjin, Peoples R China
Keywords
Malware analysis; Sequential pattern mining; API calls; Frequent patterns; Sequential rules;
DOI
10.1007/978-3-030-93733-1_6
Chinese Library Classification
TP18 [Artificial intelligence theory];
Discipline classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Application Programming Interface (API) calls in the Windows operating system (OS) are an attractive feature for malware analysis and detection, as they properly reflect the actions of portable executable (PE) files. In this paper, we provide an approach based on sequential pattern mining (SPM) for the analysis of malware behavior during execution. A dataset that contains sequences of API calls made by different malware on Windows OS is first abstracted into a suitable format (sequences of integers). SPM algorithms are then applied to the corpus to find frequent API calls and their patterns. Moreover, sequential rules between API call patterns, as well as maximal and closed frequent API call patterns, are discovered. The preliminary results obtained suggest that the discovered frequent patterns of API calls and the sequential rules between them can be used in the development of malware detection and classification techniques.
Pages: 90 / 103
Page count: 14