Binlin Cheng, Jinjun Liu, Jiejie Chen, Shudong Shi, Xufu Peng, Xingwen Zhang, Haiqing Hai, Behavior-Obfuscation Resistance Malware Detection, The Computer Journal, Volume 62, Issue 12, December 2019, Pages 1734–1747, https://doi.org/10.1093/comjnl/bxz033
Abstract
Malware poses a major security threat on the Internet today. With malware attacks increasing rapidly, behavior-based detection approaches are one of the major methods for detecting zero-day malware. Such approaches often use API calls to represent the behavior of malware. Unfortunately, behavior-based approaches suffer from behavior obfuscation attacks. In this paper, we propose a novel malware detection approach that is both effective and efficient. First, we abstract API calls into object operations. We then generate the object operation dependency graph from these object operations. Our approach uses the dependency graph to represent the behavior of malware. The evaluation results show that our approach provides complete resistance to all types of behavior obfuscation attacks and outperforms existing behavior-based approaches in both effectiveness and efficiency.