
Performance evaluation of string based malware detection methods

Research Output: Chapter in Book/Report/Conference proceeding Conference contribution Peer-review

Abstract

Conventional signature-based malware detection techniques have been used for many years because of their high detection rates and low false positive rates. However, signature-based detection techniques are regarded as ineffective due to their inability to detect unseen, new, polymorphic and metamorphic malware. To address the weaknesses of signature-based detection techniques, researchers have turned to behavioural-based detection techniques, whereby a malware behavioural profile is constructed by capturing malware API calls during execution. In this context, API call sequence matching techniques are widely used to compute malware similarities. However, API call sequence matching techniques require large processing resources, which makes the process slow due to computational complexity, and therefore cannot scale to large API call sequences. To mitigate this problem, Longest Common Substring and Longest Common Subsequence have been used in this paper for string matching in order to detect malware and their variants. In this paper we evaluate these two algorithms in the context of malware detection rate and false alarm rate.

Publication Information

Original language

English

Publication milestones

  • Published - 01/07/2019

Publication status

Published - 01/07/2019

Publisher

Institute of Electrical and Electronics Engineers Inc., United States
9781862203426

External Publication IDs

  • handle.net: 10547/624315
  • Scopus: 85069174182

Host publication title

2018 24th International Conference on Automation and Computing (ICAC)
