Detecting obfuscated malware using reduced opcode set and optimised runtime trace

Research output: Contribution to journalArticle

428 Downloads (Pure)

Abstract

The research presented, investigates the optimal set of operational codes (opcodes) that create a robust indicator of malicious software (malware) and also determines a program’s execution duration for accurate classification of benign and malicious software. The features extracted from the dataset are opcode density histograms, extracted during the program execution. The classifier used is a support vector machine and is configured to select those features to produce the optimal classification of malware over different program run lengths. The findings demonstrate that malware can be detected using dynamic analysis with relatively few opcodes.
Original languageEnglish
Number of pages12
JournalSecurity Informatics
Volume5
Issue number2
Early online date04 May 2016
DOIs
Publication statusEarly online date - 04 May 2016

Fingerprint Dive into the research topics of 'Detecting obfuscated malware using reduced opcode set and optimised runtime trace'. Together they form a unique fingerprint.

  • Cite this