ResearchBib Share Your Research, Maximize Your Social Impacts
Sign for Notice Everyday Sign up >> Login

Statistical Analysis Between Malware and Benign Based on IA-32 Instruction

Proceeding: The Fourth International Conference on Informatics & Applications (ICIA2015)

Publication Date:

Authors : ; ; ; ;

Page : 32-42

Keywords : Malware; Statistical; Instruction; computer security; Unique Instruction.;

Source : Downloadexternal Find it from : Google Scholarexternal

Abstract

Malicious software is one of the serious threats in the information society. A natural result of evolved malicious software, techniques for detecting malicious software are also in progress. Based on statistical data about existing malicious software is most important to detect new malicious software. Studies which statistical malicious software analysis so far have mainly focused only opcode which a part of whole instruction. This paper analyses the statistical data which considers whole instruction, not only opcode but also 5 types of operands. We find out that major of instruction both benign and malicious software are related function call, and it can not be a good predictor for detecting malicious software. But, when the benign’s instruction frequency gets smaller, the relation between rare instruction malicious software classes multiplies. Also, this paper discovers some instructions which are only used in malicious software.

Last modified: 2015-08-10 22:21:09