MACA-I: A Malware Detection Technique using Memory Management API Call Mining

Bibliographic Details
Published in: TENCON 2019 - 2019 IEEE Region 10 Conference (TENCON) pp. 527 - 532
Main Authors: Sai, K. V. Niranjan; Thanudas, B.; Sreelal, S.; Chakraborty, Abhishek; Manoj, B. S.
Format: Conference Proceeding
Language: English
Published: IEEE 01.10.2019
Summary: Present-day malicious software, often encountered in an Internet-enabled electronic system, turns out to be extremely difficult to detect with the existing malware detection solutions. In this paper, we introduce a novel malware detection strategy, Memory management with API CAll mIning (MACA-I), that efficiently detects malware based on dynamic analysis. MACA-I analyzes API calls that are responsible for accessing the system memory and, thereby, generates the required features by observing the transitions of memory management APIs as well as the allocated memory block space during runtime. We find that MACA-I is approximately 95.45% accurate while detecting malware programs on the basis of system memory-related runtime behavior.
ISSN: 2159-3450
DOI: 10.1109/TENCON.2019.8929250