DocumentCode :
3580604
Title :
Exploring Behavioral Aspects of API Calls for Malware Identification and Categorization
Author :
Uppal, Dolly ; Sinha, Rakhi ; Mehra, Vishakha ; Jain, Vinesh
Author_Institution :
Dept. of Comput. Eng. & Inf. Technol., Gov. Eng. Coll., Ajmer, India
fYear :
2014
Firstpage :
824
Lastpage :
828
Abstract :
The present-day scenario shows a drastic increase in the growth of malware. According to a Kaspersky Security Lab report, India ranks seventh in offline threats and ninth in online threats caused by malware among the top ten countries of the world. Advances in evasion techniques such as code obfuscation, packing, encryption and polymorphism help malware writers avoid detection by anti-virus scanners (AVS), which largely fail to detect unknown malware because they rely on signatures of known samples. In this paper we describe a malware detection method based on mining behavioral aspects of API calls, since extracting and interpreting the API calls a program uses helps determine its behavior and functions. We propose a feature selection algorithm to select unique and distinct APIs, and then apply machine learning techniques to categorize PE files as malicious or benign.
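The following is an added illustration of the pipeline the abstract describes (API-call features, selection of distinct APIs, supervised classification); it is not the paper's code and the paper's own selection algorithm is not reproduced here. The selection criterion (information gain of each API's presence) and the Bernoulli naive Bayes classifier are this example's choices. The import lists are constructed sample data; in practice they would be read from each PE file's import table (for example with the `pefile` library).

```python
"""Added example: mining imported API names from PE files to separate malware from
benign programs. Feature selection by information gain and a Bernoulli naive Bayes
classifier are this example's own choices, not the paper's algorithm."""
import math
from collections import Counter

MALICIOUS, BENIGN = 1, 0

# Constructed training set: (set of imported API names, label). Real data would be
# extracted from the PE import directory of each sample.
TRAINING_SET = [
    ({"CreateFileW", "WriteFile", "CloseHandle", "VirtualAlloc",
      "WriteProcessMemory", "CreateRemoteThread"}, MALICIOUS),
    ({"VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread",
      "OpenProcess", "GetProcAddress"}, MALICIOUS),
    ({"URLDownloadToFileW", "WinExec", "RegSetValueExW", "GetProcAddress",
      "LoadLibraryA"}, MALICIOUS),
    ({"SetWindowsHookExW", "GetAsyncKeyState", "WriteFile", "CreateFileW",
      "RegSetValueExW"}, MALICIOUS),
    ({"CreateFileW", "ReadFile", "WriteFile", "CloseHandle", "MessageBoxW"}, BENIGN),
    ({"GetModuleHandleW", "LoadLibraryA", "GetProcAddress", "MessageBoxW",
      "ExitProcess"}, BENIGN),
    ({"CreateWindowExW", "ShowWindow", "GetMessageW", "DispatchMessageW",
      "ExitProcess"}, BENIGN),
    ({"ReadFile", "WriteFile", "CreateFileW", "GetFileSize", "CloseHandle"}, BENIGN),
]


def _entropy(pos, total):
    """Binary entropy in bits of a split with `pos` positives out of `total`."""
    if total == 0 or pos in (0, total):
        return 0.0
    p = pos / total
    return -(p * math.log2(p) + (1 - p) * math.log2(1 - p))


def information_gain(api, samples):
    """Reduction in label entropy from knowing whether `api` is imported."""
    n = len(samples)
    n_mal = sum(label for _, label in samples)
    present = [label for apis, label in samples if api in apis]
    absent = [label for apis, label in samples if api not in apis]
    h_after = (len(present) / n) * _entropy(sum(present), len(present)) \
        + (len(absent) / n) * _entropy(sum(absent), len(absent))
    return _entropy(n_mal, n) - h_after


def select_distinct_apis(samples, min_gain=0.1):
    """Keep APIs whose presence separates the classes. APIs that both classes use
    alike (CreateFileW, WriteFile, GetProcAddress, ...) carry no information and
    are dropped, which is the intent behind selecting 'unique and distinct' APIs."""
    vocab = set().union(*(apis for apis, _ in samples))
    return sorted(api for api in vocab if information_gain(api, samples) >= min_gain)


def train_bernoulli_nb(samples, features):
    """Per class: prior and Laplace-smoothed P(api imported | class) per feature."""
    model = {}
    for cls in (MALICIOUS, BENIGN):
        members = [apis for apis, label in samples if label == cls]
        counts = Counter(api for apis in members for api in apis if api in features)
        model[cls] = {
            "prior": len(members) / len(samples),
            "p": {f: (counts[f] + 1) / (len(members) + 2) for f in features},
        }
    return model


def log_odds(model, imports):
    """log P(malicious | imports) - log P(benign | imports) over the selected features;
    absent features contribute too, as in a Bernoulli (not multinomial) model."""
    score = math.log(model[MALICIOUS]["prior"]) - math.log(model[BENIGN]["prior"])
    for api, pm in model[MALICIOUS]["p"].items():
        pb = model[BENIGN]["p"][api]
        if api in imports:
            score += math.log(pm) - math.log(pb)
        else:
            score += math.log(1 - pm) - math.log(1 - pb)
    return score


def classify(model, imports):
    """Label an unseen import set by the sign of its log-odds."""
    return MALICIOUS if log_odds(model, imports) > 0 else BENIGN


if __name__ == "__main__":
    feats = select_distinct_apis(TRAINING_SET)
    nb = train_bernoulli_nb(TRAINING_SET, feats)
    print("selected APIs:", feats)
    # Constructed unseen samples: a process-injection import set and a plain file tool.
    for sample in ({"OpenProcess", "VirtualAllocEx", "WriteProcessMemory",
                    "CreateRemoteThread", "CloseHandle"},
                   {"CreateFileW", "ReadFile", "GetFileSize", "MessageBoxW",
                    "ExitProcess"}):
        print(sorted(sample), "->", "malicious" if classify(nb, sample) else "benign",
              f"(log-odds {log_odds(nb, sample):.2f})")
```

Two caveats a practitioner would keep in mind when moving from this toy to real samples: packed or obfuscated binaries often import almost nothing statically (only LoadLibrary/GetProcAddress), so the import table must be taken from the unpacked image or from dynamic tracing, and a benign sample count this small makes the selection threshold fragile; the gain threshold should be tuned on a held-out set rather than fixed.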
Keywords :
application program interfaces; data mining; feature selection; invasive software; learning (artificial intelligence); API call behavioral aspects; AVS; India; Kaspersky Security Lab report; antivirus scanners; benign PE files; code obfuscation; data mining; encryption; feature selection algorithm; machine learning techniques; malicious PE files; malware categorization; malware identification; offline threats; online threats; polymorphism; Algorithm design and analysis; Classification algorithms; Feature extraction; Machine learning algorithms; Malware; Software; Software algorithms; API Call; Behavioral Aspects; Data mining; Malware; Portable Executable;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Computational Intelligence and Communication Networks (CICN), 2014 International Conference on
Print_ISBN :
978-1-4799-6928-9
Type :
conf
DOI :
10.1109/CICN.2014.176
Filename :
7065596