IIUM Repository

Malware Analysis with Multiple Features

Ahmad Zabidi, Muhammad Najmi and Maarof, Mohd Aizaini and Zainal, Anazida (2012) Malware Analysis with Multiple Features. In: UKSim 14th International Conference on Computer Modelling and Simulation, UKSim2012 (UKSim2012), 28-30th March 2012, University of Cambridge, United Kingdom. (Unpublished)

[img] PDF (Proceeding cover n contents) - Published Version
Restricted to Registered users only

Download (604kB) | Request a copy
[img] PDF (Published proceeding) - Published Version
Restricted to Registered users only

Download (355kB) | Request a copy

Abstract

Malware analysis process is being categorized into static analysis and dynamic analysis. Both static and dynamic analysis have their own strengths and weaknesses. In this paper, we present a tool written in Python programming language called as pi-ngaji, which could assist the work of malware analyst to get the static features of malware. pi-ngaji contains several modules - Application Programming Interface (API) calls extractor, binary entropy information, anti virtual machine and anti debugger detector and XOR encrypted strings decryptor. pi-ngaji was developed in order to assist our work in getting malware features. pi-ngaji is focusing on ripping Microsoft Windows executable binaries' malicious features.

Item Type: Conference or Workshop Item (Full Paper)
Additional Information: 4969/23655 Proceedings - 2012 14th International Conference on Modelling and Simulation, UKSim 2012
Uncontrolled Keywords: malware, static analysis, feature selection
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Q Science > QA Mathematics > QA76 Computer software
Kulliyyahs/Centres/Divisions/Institutes (Can select more than one option. Press CONTROL button): Kulliyyah of Information and Communication Technology > Department of Computer Science
Kulliyyah of Information and Communication Technology > Department of Computer Science
Depositing User: Mr Muhammad Najmi Ahmad Zabidi
Date Deposited: 26 Jul 2012 12:09
Last Modified: 27 Jul 2012 09:26
URI: http://irep.iium.edu.my/id/eprint/23655

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year