A Study on a Malware Detection System Using Static Analysis and Stacking Techniques

Bibliographic Details
Published in 전기학회 논문지 P권, 69(3) Vol. 69P; no. 3; pp. 187 - 192
Main Authors 조진영(Jin-Young Cho), 고은기(Eun-Gi Ko), 유혜빈(Hye-Bin Yoo), 조미리(Mi-Ri Cho), 서창진(Chang-Jin Seo)
Format Journal Article
Language Korean
Published 대한전기학회 01.09.2020
Summary: The Fourth Industrial Revolution, the introduction of ICT technology, expanded throughout society, increases daily convenience and industrial productivity. But along with the advancing technology, new malicious program threats have also continued to surge. This study proposes a malware detection method using static analysis and stacking techniques to detect new malware quickly and accurately. We used PE header features, which are extracted through static analysis, to process malware without actually executing it. The pe_packer feature was the most efficient in the experiment due to processing the extracted data in various ways and applying it to the machine learning model, so we selected it as the feature data to be used in the stacking model. The detection model is implemented based on the stacking technique rather than a single model in order to detect with high accuracy. The proposed system can classify files as malware or normal quickly and accurately. It has a 94.7 percent detection rate and is better than the existing single model-based detection system.

KCI Citation Count: 0
ISSN: 1229-800X, 2586-7792
DOI: 10.5370/KIEEP.2020.69.3.187