Toward Detecting Malware Based on Process-Aware Behaviors

Chunlai Du, Ying Tong, Xiaohui Chen, Yongji Liu, Zhenquan Ding, Huixuan Xu, Qingyun Ran, Yi Zhang, Lingxiang Meng, Lei Cui, Zhiyu Hao

Security and Communication Networks (2023)

Abstract
Malware continuously evolves and becomes more and more sophisticated. Learning on execution behavior has proven to be effective for malware detection. However, little work has been done to delve into the implications of full process information for malware detection. In this paper, we present a deep neural network-based malware detection approach that performs learning on process-aware behaviors for Windows programs. It first employs a logistic regression-based weighting method and a machine learning-based API score learning method to capture the inner-process behavior, including API sequences and their run-time arguments. Next, it constructs the process graph from inter-process interactions, from which a set of attributes is extracted to characterize the relationships among various processes in terms of invoke actions. Finally, it feeds the process-aware features into the deep neural network to train a binary classifier to detect malware. In addition to designing the method, we have implemented and evaluated it on two datasets. The results demonstrate that our method outperforms naïve models when taking raw APIs as input, verifying the effectiveness of our method. Moreover, we have evaluated the robustness of our model to adversarial attacks and concept drift, and the results demonstrate the robustness of our method.