DocumentCode
639723
Title
A survey on heuristic malware detection techniques
Author
Bazrafshan, Zahra ; Hashemi, Hossein ; Fard, Seyed Mehdi Hazrati ; Hamzeh, Ali
Author_Institution
Dept. of Comput. Sci. & Eng., Shiraz Univ., Shiraz, Iran
fYear
2013
fDate
28-30 May 2013
Firstpage
113
Lastpage
120
Abstract
Malware is malicious code which is developed to harm a computer or network. The amount of malware is growing so fast that this growth makes computer security researchers invent new methods to protect computers and networks. There are three main methods used for malware detection: Signature based, Behavioral based and Heuristic ones. Signature based malware detection is the most common method used by commercial antiviruses, but it can be used in the cases which are completely known and documented. Behavioral malware detection was introduced to cover the deficiencies of the signature based method. However, because of some shortcomings, heuristic methods have been introduced. In this paper, we discuss the state-of-the-art heuristic malware detection methods, briefly overview various features used in these methods, such as API Calls, OpCodes, N-Grams, etc., and discuss their advantages and disadvantages.
Keywords
computer network security; invasive software; API calls; N-grams; OpCodes; behavioral based malware detection; computer protection method; computer security; heuristic malware detection techniques; signature based malware detection; Algorithms; Computers; Encryption; Feature extraction; Flow graphs; Malware; API Call; Computer Security; Control Flow Graph; Malware Detection; N-Gram; OpCode;
fLanguage
English
Publisher
ieee
Conference_Titel
Information and Knowledge Technology (IKT), 2013 5th Conference on
Conference_Location
Shiraz
Print_ISBN
978-1-4673-6489-8
Type
conf
DOI
10.1109/IKT.2013.6620049
Filename
6620049