A Framework for Malware Detection Using Combination Technique and Signature Generation

Author

Zolkipli, Mohamad Fadli ; Jantan, Aman

Author_Institution

Sch. of Comput. Sci., Univ. Sains Malaysia, Minden, Malaysia

fYear

2010

fDate

7-10 May 2010

Firstpage

196

Lastpage

199

Abstract

Malware detection must apply sophisticated technique to minimize malware thread that can break computer operation. Nowadays malware writers try to avoid detection by using several techniques such as polymorphic, hiding and also zero day of attack. However, commercial anti-virus or anti-spyware that used signature-based matching to detects malware cannot solve that kind of attack. In order to overcome this issue, we propose a new framework for malware detection that combines signature-based technique and genetic algorithm technique. This framework consists of three main components such as s-based detection, GA detection and signature generator. These three main components will work together as interrelated process in our propose framework. Result from this study is the new framework that design to solve new launce malware and also to generate signature automatically that can be used on signature-based detection.

Keywords

digital signatures; genetic algorithms; invasive software; pattern matching; anti-spyware; commercial anti-virus; genetic algorithm technique; malware detection; signature based matching; signature generation; signature-based technique; Computer networks; Computer science; Computer worms; Data security; Electronic mail; Genetic algorithms; Invasive software; Machine learning; Research and development; Yarn; combination technique; genetic algorithm (GA); malware detection; signature-based;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Research and Development, 2010 Second International Conference on

Conference_Location

Kuala Lumpur

Print_ISBN

978-0-7695-4043-6

Type

conf

DOI

10.1109/ICCRD.2010.25

Filename

5489509