As the amount of malware continually increases, computers are under serious security threat. An efficient and effective malware detection scheme is important to all. Pattern-based malware detection schemes are effective and efficient, but they cannot recognize malware for which no pre-established pattern exists. This is a tremendous disadvantage, since great damage can occur before a new piece of malware is captured and analyzed and its pattern is found. A learning-based detection method, on the other hand, has the potential to recognize new malware; however, the efficiency and effectiveness of such methods are quite poor in comparison with pattern-based schemes. In this thesis, we propose a new learning-based detection scheme that uses the API call usage of programs as features. We carefully studied the properties of API calls and designed a feature set accordingly for our learning-based scheme. An SVM-based detection model is formed using a set of training programs. A prototype of the proposed method has been developed and tested. It exhibits very high performance in terms of efficiency and effectiveness for both known and unknown programs.