Article
A comparison of static, dynamic, and hybrid analysis for malware detection
Journal of Computer Virology and Hacking Techniques (2017)
  • Anusha Damodaran, San Jose State University
  • Fabio Di. Troia, Università degli Studi del Sannio
  • Corrado A. Vissagio, Università degli Studi del Sannio
  • Thomas H. Austin, San Jose State University
  • Mark Stamp, San Jose State University
Abstract
In this research, we compare malware detection techniques based on static, dynamic, and hybrid analysis. Specifically, we train Hidden Markov Models (HMMs) on both static and dynamic feature sets and compare the resulting detection rates over a substantial number of malware families. We also consider hybrid cases, where dynamic analysis is used in the training phase, with static techniques used in the detection phase, and vice versa. In our experiments, a fully dynamic approach generally yields the best detection rates. We discuss the implications of this research for malware detection based on hybrid techniques.
Publication Date
2017
DOI
10.1007/s11416-015-0261-z
Citation Information
Anusha Damodaran, Fabio Di. Troia, Corrado A. Vissagio, Thomas H. Austin, et al. "A comparison of static, dynamic, and hybrid analysis for malware detection" Journal of Computer Virology and Hacking Techniques Vol. 13 Iss. 1 (2017) p. 1 - 12 ISSN: 2274-2042
Available at: http://works.bepress.com/thomas_austin/28/