A study to develop a knowledge domain analyzer using data mining concepts for malware analysis

Abstract

In today s digital era, we do most of our daily businesses through computers, smartphones, smart devices and other handheld devices connected via internet. The extensive use of these technologically advanced computing devices, leads to generation of huge volumes of data every day. On the other hand, malicious software or malware are being generated and distributed in different forms by the ill-mindedcybercriminals to steal the sensitive data. Malware attacks are increasing every year despite manysecurity measures taken by individuals and organizations at regular intervals.Therefore, the study on malware detection and analysis is an endless research topic for many researchers. newlineIn this work, a practicalon the tools and techniques used for the static and dynamic analysis methods is done to understand various insights of malware and benign files. An experiment is conducted to study the behavior of packed malware and legitimate samples. Five detection models are proposed based on the features such as; Application Programming Interface (API) calls, operation codes (Opcode), change-in system behaviors and combination of static and dynamic features. newline