Malware Detection Using Image Visualization

Document Type: Original Article

Abstract

In this article, a new technique is proposed for the detection of polymorphic malware based on image processing. With the proliferation of polymorphic malware, the efficacy of signature-based static analysis systems is greatly reduced. This study is based on comparing images generated from the binary code of malware samples. With the advent of image processing applications for binary code analysis, numerous features can be extracted for comparing malware isomorphs. Based on these features, we were able to detect malware isomorphs with unprecedented accuracy. Most often, malware sample binaries are packed. Using our proposed method, we were able to detect the unique similarity between executables packed with the same packer.
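The general idea of comparing binaries as images can be sketched as follows. This is an added example, not the article's code: the abstract does not name its features, so the image width, the block-mean feature, the similarity score and the sample bytes are all assumptions constructed for illustration.

```python
import random

WIDTH, GRID = 64, 8  # assumed: 64-pixel-wide image, 8x8 grid of block means

def bytes_to_image(data, width=WIDTH):
    """One byte = one grayscale pixel (0-255), laid out row by row, zero-padded."""
    padded = bytes(data) + bytes(-len(data) % width)
    return [list(padded[i:i + width]) for i in range(0, len(padded), width)]

def block_means(image, grid=GRID):
    """Mean intensity of each cell in a grid x grid partition of the image."""
    if len(image) < grid or len(image[0]) < grid:
        raise ValueError("input too small for the chosen grid")
    h, w = len(image), len(image[0])
    feats = []
    for gy in range(grid):
        for gx in range(grid):
            cell = [image[y][x]
                    for y in range(gy * h // grid, (gy + 1) * h // grid)
                    for x in range(gx * w // grid, (gx + 1) * w // grid)]
            feats.append(sum(cell) / len(cell))
    return feats

def similarity(a, b):
    """1.0 = identical block-mean features, 0.0 = maximally different."""
    fa, fb = block_means(bytes_to_image(a)), block_means(bytes_to_image(b))
    return 1 - sum(abs(x - y) for x, y in zip(fa, fb)) / (255 * len(fa))

def make_samples(seed=1):
    """Constructed stand-ins for binaries; no real malware bytes are used."""
    rng = random.Random(seed)
    base = (bytes(rng.randrange(32) for _ in range(512))           # header-like
            + bytes(rng.randrange(64, 192) for _ in range(2048))   # code-like
            + bytes(512)                                           # zero padding
            + bytes(rng.randrange(256) for _ in range(1024)))      # high-entropy
    variant = bytearray(base)
    for i in rng.sample(range(len(base)), len(base) // 20):        # mutate 5%
        variant[i] = rng.randrange(256)
    unrelated = bytes(rng.randrange(32, 127) for _ in range(4096)) # text-like
    return base, bytes(variant), unrelated

if __name__ == "__main__":
    base, variant, unrelated = make_samples()
    print(f"base vs variant:   {similarity(base, variant):.3f}")
    print(f"base vs unrelated: {similarity(base, unrelated):.3f}")
```

A byte-level hash of the constructed variant would differ completely from the base sample, while the coarse image feature stays close because the overall layout of regions is unchanged.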

Volume 9, Issue 2 - Serial Number 2
September 2029
Pages 95-101
  • Receive Date: 06 June 2017
  • Revise Date: 04 March 2019
  • Accept Date: 19 September 2018
  • Publish Date: 23 August 2018