• DocumentCode
    260241
  • Title

    Role-opcode vs. opcode: The new method in computer malware detection

  • Author

    Ghezelbigloo, Zahra ; VafaeiJahan, Majid

  • Author_Institution
    Dept. of Comput. Eng., Imamreza Univ. of Mashhad, Mashhad, Iran
  • fYear
    2014
  • fDate
    26-27 Nov. 2014
  • Firstpage
    1
  • Lastpage
    6
  • Abstract
    One of the common methods for combating malware is the use of opcode sequences that exist in the malware's assembly code. In this study, a new method based on the structural classification of opcodes has been used to detect malware, and its efficiency has been investigated in comparison with the opcode method. For this purpose, two different methods are applied for eliciting the content-based features of the assembly files. The two approaches were then analyzed on an equal basis using different classifications. The results indicate that the efficiency and accuracy of the different classifications do not decrease when the structural classification of opcodes is used. Additionally, the number of features, the computational complexity, and the time and memory consumption decrease dramatically.
  • Keywords
    invasive software; program assemblers; source code (software); assembly code; assembly files; computational complexity; computer malware detection; content-based features; memory consumption; opcodes structural classification; opcodes-sequence; role-opcode; time consumption; Accuracy; Assembly; Computers; Data mining; Feature extraction; Image color analysis; Malware;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Technology, Communication and Knowledge (ICTCK), 2014 International Congress on
  • Conference_Location
    Mashhad
  • Type

    conf

  • DOI
    10.1109/ICTCK.2014.7033534
  • Filename
    7033534