• DocumentCode
    3500842
  • Title
    Malware Detection Based on Suspicious Behavior Identification
  • Author
    Wang, Cheng ; Pang, Jianmin ; Zhao, Rongcai ; Fu, Wen ; Liu, Xiaoxian
  • Author_Institution
    China Nat. Digital Switching Syst. Eng. & Technol. Res. Center, Zhengzhou
  • Volume
    2
  • fYear
    2009
  • fDate
    7-8 March 2009
  • Firstpage
    198
  • Lastpage
    202
  • Abstract
    Along with the popularization of computers, and especially the wide use of the Internet, malicious code has in recent years presented a serious threat to our world. In this paper, through analysis of the suspicious behaviors of vicious programs by their function calls, we present an approach to malware detection that is based on analyzing and distilling representative characteristics and a systemic description of the suspicious behaviors indicated by the sequences of APIs called under Windows. Based on function calls and control flow analysis, and according to the identification of suspicious behavior, the technique implements a detection strategy for malicious binary executables.
  • Keywords
    Internet; application program interfaces; invasive software; API; Internet; Windows; control flow analysis; function calls; malicious binary executables; malicious code; malware detection; suspicious behavior identification; Computer science; Computer science education; Educational technology; Internet; Magnetic heads; Object detection; Prototypes; Switching systems; Systems engineering and theory; Systems engineering education; Behavior Identification; Control Flow Analysis; Malware Detection;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Education Technology and Computer Science, 2009. ETCS '09. First International Workshop on
  • Conference_Location
    Wuhan, Hubei
  • Print_ISBN
    978-1-4244-3581-4
  • Type
    conf
  • DOI
    10.1109/ETCS.2009.306
  • Filename
    4959020