Ahmad Zabidi, Muhammad Najmi and Maarof, Mohd Aizaini and Zainal, Anazida (2012) Malware Analysis with Multiple Features. In: UKSim 14th International Conference on Computer Modelling and Simulation, UKSim2012 (UKSim2012), 28-30th March 2012, University of Cambridge, United Kingdom. (Unpublished)
PDF (Proceeding cover and contents) - Published Version
PDF (Published proceeding) - Published Version
Abstract
The malware analysis process is categorized into static analysis and dynamic analysis. Both static and dynamic analysis have their own strengths and weaknesses. In this paper, we present a tool written in the Python programming language, called pi-ngaji, which assists the malware analyst in obtaining the static features of malware. pi-ngaji contains several modules: an Application Programming Interface (API) call extractor, binary entropy information, an anti-virtual-machine and anti-debugger detector, and an XOR-encrypted string decryptor. pi-ngaji was developed to assist our work in obtaining malware features. pi-ngaji focuses on extracting malicious features from Microsoft Windows executable binaries.
Item Type: | Conference or Workshop Item (Full Paper)
---|---
Additional Information: | 4969/23655 Proceedings - 2012 14th International Conference on Modelling and Simulation, UKSim 2012
Uncontrolled Keywords: | malware, static analysis, feature selection
Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science; Q Science > QA Mathematics > QA76 Computer software
Kulliyyahs/Centres/Divisions/Institutes: | Kulliyyah of Information and Communication Technology > Department of Computer Science
Depositing User: | Mr Muhammad Najmi Ahmad Zabidi
Date Deposited: | 26 Jul 2012 12:09
Last Modified: | 27 Jul 2012 09:26
URI: | http://irep.iium.edu.my/id/eprint/23655