Detection of Metamorphic Malware based on HMM: A Hierarchical Approach | Zendy

Mina Gharacheh | Zendy; Vali Derhami | Zendy; Sattar Hashemi | Zendy; Seyed Mehdi Hazrati Fard | Zendy

AI Assistant Blog Pricing

Home ZAIA Blog

Open Access

Detection of Metamorphic Malware based on HMM: A Hierarchical Approach

Author(s) -

Mina Gharacheh,

Vali Derhami,

Sattar Hashemi,

Seyed Mehdi Hazrati Fard

Publication year - 2016

Publication title -

international journal of intelligent systems and applications

Language(s) - English

Resource type - Journals

eISSN - 2074-9058

pISSN - 2074-904X

DOI - 10.5815/ijisa.2016.04.02

Subject(s) - opcode , computer science , malware , hidden markov model , artificial intelligence , pattern recognition (psychology) , data mining , machine learning , computer security , operating system

Recent research have depicted that hidden Markov model (HMM) is a persuasive option for malware detection. However, some advanced metamorphic malware are able to overcome the traditional methods based on HMMs. This proposed approach provides a two-layer technique to overcome these challenges. Malware contain various sequences of opcodes some of which are more important and help detect the malware and the rest cause interference. The important sequences of opcodes are extracted by eliminating partial sequences due to the fact that partial sequences of opcodes have more similarities to benign files. In this method, the sliding window technique is used to extract the sequences. In this paper, HMMs are trained using the important sequences of opcodes that will lead to better results. In comparison to previous methods, the results demonstrate that the proposed method is more accurate in metamorphic malware detection and shows higher speed at classification.

The content you want is available to Zendy users.

Already have an account? Click here to sign in.

Having issues? You can contact us here

Accelerating Research