Contribution to Book
Malware Detection Using Dynamic Birthmarks
Proceedings of the 2016 ACM on International Workshop on Security And Privacy Analytics
(2016)
Abstract
In this paper, we compare the effectiveness of Hidden Markov Models (HMMs) with that of Profile Hidden Markov Models (PHMMs), where both are trained on sequences of API calls. We compare our results to static analysis using HMMs trained on sequences of opcodes, and show that dynamic analysis achieves significantly stronger results in many cases. Furthermore, in comparing our two dynamic analysis approaches, we find that using PHMMs consistently outperforms our technique based on HMMs.
Keywords
- Malware,
- Hidden Markov Models,
- Profile Hidden Markov Models,
- Dynamic Analysis,
- Static Analysis
Disciplines
Publication Date
March 9, 2016
Publisher
ACM
ISBN
978-1-4503-4077-9
DOI
10.1145/2875475.2875476
Citation Information
Swapna Vemparala, Fabio Di Troia, Visaggio Aaron Corrado, Thomas H. Austin, et al.. "Malware Detection Using Dynamic Birthmarks" New York, NYProceedings of the 2016 ACM on International Workshop on Security And Privacy Analytics (2016) p. 41 - 46 Available at: http://works.bepress.com/mark_stamp/61/