Contribution to Book
Detecting Encrypted and Polymorphic Malware Using Hidden Markov Models
Guide to Vulnerability Analysis for Computer Networks and Systems — An Artificial Intelligence Approach (2018)
  • Dhiviya Dhanasekar, San Jose State University
  • Fabio Di Troia, San Jose State University
  • Katerina Potika, San Jose State University
  • Mark Stamp, San Jose State University
  • Simon Parkinson, University of Huddersfield
  • Andrew Crampton, University of Huddersfield
  • Richard Hill, University of Huddersfield
Abstract
Encrypted code is often present in some types of advanced malware, while such code virtually never appears in legitimate applications. Hence, the presence of encrypted code within an executable file could serve as a strong heuristic for malware detection. In this chapter, we consider the feasibility of detecting encrypted segments within an executable file using hidden Markov models.
Keywords
  • Encrypted Code
  • Malware Detection
  • Metamorphic Viruses
  • Polymorphic Viruses
  • Boot Sector
Publication Date
2018
ISBN
978-3-319-92624-7
DOI
10.1007/978-3-319-92624-7_12
Citation Information
Dhiviya Dhanasekar, Fabio Di Troia, Katerina Potika, Mark Stamp, et al. "Detecting Encrypted and Polymorphic Malware Using Hidden Markov Models" Guide to Vulnerability Analysis for Computer Networks and Systems — An Artificial Intelligence Approach (2018) p. 281-299
Available at: http://works.bepress.com/aikaterini-potika/23/