http://dx.doi.org/10.13089/JKIISC.2020.30.1.51

Machine Learning Based Malware Detection Using API Call Time Interval  

Cho, Young Min (SamsungSDS)
Kwon, Hun Yeong (Korea University)
Abstract
Malware has been used in cyber threats in every era and will remain a major attack method even as IT technology advances. Research on detecting such malicious code is therefore continually attempted in various ways. Recently, with the development of AI-related technology, much research has applied machine learning to malware detection. In this paper, we propose a method to detect malware using machine learning. For machine learning detection, we create features from each call interval, i.e., the Time Interval at which API calls occur in dynamic analysis data, and then apply the result to machine learning techniques.
Keywords
Machine Learning; Malware Detection; Time Interval; AI;