Detection of Malicious Binaries by Applying Machine Learning Models on Static and Dynamic Artefacts

Anantha Chukka, V. Devi

Abstract

In recent times, malware attacks on government and private organizations have been rising. These attacks are carried out to steal confidential information, which leads to loss of privacy, intellectual property disputes and loss of revenue. The attacks are sophisticated and are described as Advanced Persistent Threats (APT). The payloads used in this type of attack are polymorphic and metamorphic in nature and contain stealth and rootkit components. As a result, conventional defence mechanisms such as rule-based and signature-based methods fail to detect this malware, so modern approaches rely on static and dynamic analysis to detect sophisticated malware. However, this process generates huge log files, and a domain expert must review them to classify the binary as malicious or benign, which is tedious, time-consuming and expensive. Our work overcomes these problems with machine learning models trained on datasets created from the analysis logs. In this paper a number of supervised machine learning models are presented to classify a binary as malicious or benign. We used an automated malware analysis framework to collect run-time behavioural artefacts, while static analysis focuses mainly on collecting binary meta-information, imported functions and opcode sequences. The dataset is created by collecting malware from online sources and benign files from the Windows operating system and third-party software.

Paper Citation


in Harvard Style

Chukka A. and Devi V. (2021). Detection of Malicious Binaries by Applying Machine Learning Models on Static and Dynamic Artefacts. In Proceedings of the 6th International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS, ISBN 978-989-758-504-3, pages 29-37. DOI: 10.5220/0010379600290037


in Bibtex Style

@conference{iotbds21,
author={Anantha Chukka and V. Devi},
title={Detection of Malicious Binaries by Applying Machine Learning Models on Static and Dynamic Artefacts},
booktitle={Proceedings of the 6th International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS},
year={2021},
pages={29-37},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010379600290037},
isbn={978-989-758-504-3},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 6th International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS
TI - Detection of Malicious Binaries by Applying Machine Learning Models on Static and Dynamic Artefacts
SN - 978-989-758-504-3
AU - Chukka A.
AU - Devi V.
PY - 2021
SP - 29
EP - 37
DO - 10.5220/0010379600290037