A Novel Approach to Detect Malware Based on API Call Sequence Analysis
In the era of ubiquitous sensors and smart devices, detecting malware is becoming an endless battle between ever-evolving malware and antivirus programs that need to process ever-increasing security related data. For malware detection, various approaches have been proposed. Among them, dynamic analy...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Hindawi - SAGE Publishing
2015-06-01
|
| Series: | International Journal of Distributed Sensor Networks |
| Online Access: | https://doi.org/10.1155/2015/659101 |
| _version_ | 1797712087887118336 |
|---|---|
| author | Youngjoon Ki Eunjin Kim Huy Kang Kim |
| author_facet | Youngjoon Ki Eunjin Kim Huy Kang Kim |
| author_sort | Youngjoon Ki |
| collection | DOAJ |
| description | In the era of ubiquitous sensors and smart devices, detecting malware is becoming an endless battle between ever-evolving malware and antivirus programs that need to process ever-increasing security related data. For malware detection, various approaches have been proposed. Among them, dynamic analysis is known to be effective in terms of providing behavioral information. As malware authors increasingly use obfuscation techniques, it becomes more important to monitor how malware behaves for its detection. In this paper, we propose a novel approach for dynamic analysis of malware. We adopt DNA sequence alignment algorithms and extract common API call sequence patterns of malicious function from malware in different categories. We find that certain malicious functions are commonly included in malware even in different categories. From checking the existence of certain functions or API call sequence patterns matched, we can even detect new unknown malware. The result of our experiment shows high enough F -measure and accuracy. API call sequence can be extracted from most of the modern devices; therefore, we believe that our method can detect the malware for all types of the ubiquitous devices. |
| first_indexed | 2024-03-12T07:16:37Z |
| format | Article |
| id | doaj.art-d6eaa299cfb44c53b8b882f6bdbea34d |
| institution | Directory Open Access Journal |
| issn | 1550-1477 |
| language | English |
| last_indexed | 2024-03-12T07:16:37Z |
| publishDate | 2015-06-01 |
| publisher | Hindawi - SAGE Publishing |
| record_format | Article |
| series | International Journal of Distributed Sensor Networks |
| spelling | doaj.art-d6eaa299cfb44c53b8b882f6bdbea34d2023-09-02T22:46:35ZengHindawi - SAGE PublishingInternational Journal of Distributed Sensor Networks1550-14772015-06-011110.1155/2015/659101659101A Novel Approach to Detect Malware Based on API Call Sequence AnalysisYoungjoon Ki0Eunjin Kim1Huy Kang Kim2 Korea University, 145 Anam-ro, Seongbuk-gu, Seoul 137-713, Republic of Korea Kyonggi University, Gwanggyosan-ro, Yeongtong-gu, Suwon 443-760, Republic of Korea Korea University, 145 Anam-ro, Seongbuk-gu, Seoul 137-713, Republic of KoreaIn the era of ubiquitous sensors and smart devices, detecting malware is becoming an endless battle between ever-evolving malware and antivirus programs that need to process ever-increasing security related data. For malware detection, various approaches have been proposed. Among them, dynamic analysis is known to be effective in terms of providing behavioral information. As malware authors increasingly use obfuscation techniques, it becomes more important to monitor how malware behaves for its detection. In this paper, we propose a novel approach for dynamic analysis of malware. We adopt DNA sequence alignment algorithms and extract common API call sequence patterns of malicious function from malware in different categories. We find that certain malicious functions are commonly included in malware even in different categories. From checking the existence of certain functions or API call sequence patterns matched, we can even detect new unknown malware. The result of our experiment shows high enough F -measure and accuracy. API call sequence can be extracted from most of the modern devices; therefore, we believe that our method can detect the malware for all types of the ubiquitous devices.https://doi.org/10.1155/2015/659101 |
| spellingShingle | Youngjoon Ki Eunjin Kim Huy Kang Kim A Novel Approach to Detect Malware Based on API Call Sequence Analysis International Journal of Distributed Sensor Networks |
| title | A Novel Approach to Detect Malware Based on API Call Sequence Analysis |
| title_full | A Novel Approach to Detect Malware Based on API Call Sequence Analysis |
| title_fullStr | A Novel Approach to Detect Malware Based on API Call Sequence Analysis |
| title_full_unstemmed | A Novel Approach to Detect Malware Based on API Call Sequence Analysis |
| title_short | A Novel Approach to Detect Malware Based on API Call Sequence Analysis |
| title_sort | novel approach to detect malware based on api call sequence analysis |
| url | https://doi.org/10.1155/2015/659101 |
| work_keys_str_mv | AT youngjoonki anovelapproachtodetectmalwarebasedonapicallsequenceanalysis AT eunjinkim anovelapproachtodetectmalwarebasedonapicallsequenceanalysis AT huykangkim anovelapproachtodetectmalwarebasedonapicallsequenceanalysis AT youngjoonki novelapproachtodetectmalwarebasedonapicallsequenceanalysis AT eunjinkim novelapproachtodetectmalwarebasedonapicallsequenceanalysis AT huykangkim novelapproachtodetectmalwarebasedonapicallsequenceanalysis |