Malware dynamic analysis system based on virtual machine introspection and machine learning methods

A.E. Nafiev, A.M. Rodionov

Abstract


Cyber wars and cyber attacks are a serious problem in the global digital environment. Technological progress is forcing malware authors to create more and more advanced and sophisticated malware. Such programs are almost impossible to detect with static analysis. Even when using dynamic analysis, a malicious file can recognize being executed by the virtual environment and change its code.
Therefore, this study aims to create a dynamic analysis system, where the executable file is not able to detect being observed and can show its proposed in this article and fed to a machine learning algorithm - a support vector machine.
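The abstract's final step, feeding behaviour features collected under the hypervisor to a support vector machine, as an added Python example that is not the authors' code: it trains a linear SVM with the Pegasos subgradient method on per-sample syscall-frequency vectors and classifies an unseen sample. The four monitored syscall names, the call counts, the labels and the hyper-parameters are constructed assumptions; the abstract does not state the paper's actual feature set.

```python
# Added example (not from the paper): a linear SVM trained with the Pegasos
# subgradient method on per-sample syscall-frequency vectors, standing in for
# the SVM stage of a VMI-based dynamic analysis pipeline. The feature set,
# the counts and the hyper-parameters below are constructed assumptions.

# Hypothetical set of system calls whose invocations the introspection layer
# counts per analysed executable (the names are real NT syscalls; the choice
# of exactly these four is ours, not the paper's).
FEATURES = [
    "NtCreateUserProcess",
    "NtWriteVirtualMemory",
    "NtSetValueKey",
    "NtCreateFile",
]

# Constructed training data (not real measurements): per-sample call counts
# and a label, +1 = malicious, -1 = benign.
TRAINING_SET = [
    ({"NtCreateUserProcess": 12, "NtWriteVirtualMemory": 40, "NtSetValueKey": 25, "NtCreateFile": 30}, +1),
    ({"NtCreateUserProcess": 8, "NtWriteVirtualMemory": 55, "NtSetValueKey": 10, "NtCreateFile": 20}, +1),
    ({"NtCreateUserProcess": 20, "NtWriteVirtualMemory": 30, "NtSetValueKey": 40, "NtCreateFile": 15}, +1),
    ({"NtCreateUserProcess": 5, "NtWriteVirtualMemory": 70, "NtSetValueKey": 5, "NtCreateFile": 25}, +1),
    ({"NtCreateUserProcess": 1, "NtWriteVirtualMemory": 0, "NtSetValueKey": 2, "NtCreateFile": 50}, -1),
    ({"NtCreateUserProcess": 2, "NtWriteVirtualMemory": 1, "NtSetValueKey": 6, "NtCreateFile": 90}, -1),
    ({"NtCreateUserProcess": 0, "NtWriteVirtualMemory": 0, "NtSetValueKey": 12, "NtCreateFile": 40}, -1),
    ({"NtCreateUserProcess": 3, "NtWriteVirtualMemory": 2, "NtSetValueKey": 4, "NtCreateFile": 120}, -1),
]


def featurize(counts):
    """Turn raw call counts into relative frequencies plus a constant 1.

    Normalising by the total makes long and short runs comparable; the
    trailing 1.0 lets the weight vector carry a bias term.
    """
    total = sum(counts.get(name, 0) for name in FEATURES)
    if total == 0:
        return [0.0] * len(FEATURES) + [1.0]
    return [counts.get(name, 0) / total for name in FEATURES] + [1.0]


def train_svm(samples, lam=0.01, epochs=500):
    """Pegasos: stochastic subgradient descent on the hinge-loss SVM objective.

    Samples are visited in a fixed order so training is deterministic.
    lam is the L2 regularisation strength; the step size is 1 / (lam * t).
    """
    dim = len(FEATURES) + 1
    w = [0.0] * dim
    t = 0
    for _ in range(epochs):
        for counts, label in samples:
            t += 1
            x = featurize(counts)
            eta = 1.0 / (lam * t)
            margin = label * sum(wi * xi for wi, xi in zip(w, x))
            # Regularisation shrinks w every step ...
            w = [(1.0 - eta * lam) * wi for wi in w]
            # ... and a hinge-loss violation (margin < 1) pulls w towards x.
            if margin < 1.0:
                w = [wi + eta * label * xi for wi, xi in zip(w, x)]
    return w


def classify(w, counts):
    """Return +1 (malicious) or -1 (benign) for one sample's call counts."""
    score = sum(wi * xi for wi, xi in zip(w, featurize(counts)))
    return 1 if score >= 0.0 else -1


def training_accuracy(w, samples):
    """Fraction of samples the trained weights label correctly."""
    correct = sum(1 for counts, label in samples if classify(w, counts) == label)
    return correct / len(samples)


if __name__ == "__main__":
    weights = train_svm(TRAINING_SET)
    print("training accuracy:", training_accuracy(weights, TRAINING_SET))
    # Constructed unseen sample with a high share of remote memory writes.
    unseen = {"NtCreateUserProcess": 10, "NtWriteVirtualMemory": 45,
              "NtSetValueKey": 20, "NtCreateFile": 25}
    print("unseen sample:", "malicious" if classify(weights, unseen) == 1 else "benign")
```

The example deliberately uses relative frequencies rather than raw counts: a sample that simply runs longer would otherwise look "more" of everything, and a linear model would pick up run length instead of behaviour. Because the constructed classes are linearly separable, the trained weights reach 100% training accuracy; a real feature set drawn from introspection traces would be far higher-dimensional and would call for a held-out evaluation rather than training accuracy.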

Problems in programming 2023; 2: 84-90


Keywords


dynamic analysis; virtual machine introspection; hypervisor; malware detection


DOI: https://doi.org/10.15407/pp2023.02.084