| Summary: | This report will first present a comprehensive analysis on how malwares have evolved over the years, as well as the existing technologies used to analysis and detect these malwares. Although many important advances have been worked on analysis and detection of malwares, the capabilities of detecting them are still a problem. This is due to continue evolution of malwares. Second, we propose a machine learning based framework which are using multiple views to detect malware. More precisely, we do a static analysis and constructs a program representative graph. Then, we further extract out the views of the app, which are API, permission and Source and sink, from the graph. After that, we convert then to vectors and send them for training. Next, I will show the work and experiments which I have worked on the developing of the above mentioned framework. The experiments are mainly to test the possibilities and effective of current codding. According to the results from the initial experiment, it is proving that the framework has high capabilities of detecting unknown malware. The details for the experiment result can be found in the appendix. Finally, based on the research I have done, I have proposed some future directions for the framework.
|
|---|