Research Article Open Access

Malware Detection Based on Hybrid Signature Behaviour Application Programming Interface Call Graph

Ammar Ahmed E. Elhadi1, Mohd Aizaini Maarof1 and Ahmed Hamza Osman1
  • 1 , Afghanistan
American Journal of Applied Sciences
Volume 9 No. 3, 2012, 283-288

DOI: https://doi.org/10.3844/ajassp.2012.283.288

Published On: 9 January 2012

How to Cite: Elhadi, A. A. E., Maarof, M. A. & Osman, A. H. (2012). Malware Detection Based on Hybrid Signature Behaviour Application Programming Interface Call Graph. American Journal of Applied Sciences, 9(3), 283-288. https://doi.org/10.3844/ajassp.2012.283.288

Abstract

Problem statement: Malware is a program that has malicious intent. Nowadays, malware authors apply several sophisticated techniques, such as packing and obfuscation, to avoid detection. This makes zero-day attacks and false positives the most challenging problems in the malware detection field. Approach: In this study, the static and dynamic analysis techniques used in malware detection are surveyed. Static analysis techniques, dynamic analysis techniques and their combination, including Signature-Based and Behaviour-Based techniques, are discussed. Results: In addition, a new malware detection framework is proposed. Conclusion: The proposed framework combines Signature-Based with Behaviour-Based techniques using an API graph system. The goal of the proposed framework is to improve the accuracy and scan process time of malware detection.

Keywords

  • Malware detection
  • API call graph
  • framework