
Detection of Malware of Code Clone using String Pattern Back Propagation Neural Network Algorithm

Affiliations

  • Computer Science and Engineering Department, Chandigarh University, Mohali - 140413, Punjab, India

Abstract


Background/Objectives: Malware is evolving at an increasing pace, so identifying malware is a vital area in a modern world where information technology is rapidly emerging. This paper focuses on improving the performance parameters for malware detection in source code clones using the proposed clone detection algorithm. Methods/Statistical Analysis: The approaches defined by earlier researchers did not consider data types and variables during clone detection. To meet the goal of the proposed work, malware detection in code clones with better results, the approach adopted is to implement a clone detection algorithm, 'String Pattern Back Propagation Neural Network', to determine the code clones and match them against malware signatures in the repository for computation of the performance parameters. Findings: Malware identification was carried out using Java projects with different window sizes (20, 40). The source code files are put through a modularization phase to extract functions from the different classes. Code clones are determined by applying the implemented algorithm for the evaluation of malware signatures. It was observed that the employed approach results in better performance, with a high accuracy of 96.97%, and hence the approach developed proved to be deterministic and efficient. The paper provides an overview of the state of the art and focuses on enhanced performance in terms of precision, recall and F-measure for the Java language, where the data types, variables and comments in the application are also given priority in detecting code clones, as compared to existing research on malware binaries, for achieving better performance. Applications/Improvements: To handle the tremendous range of malicious code, the approach can be applied to multiple languages to detect the number of clones in an application or a system and achieve better outcomes.

Keywords

Code Clone, Clone Detection Algorithm, Malware, Malware Analysis, Reverse Engineering.





Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.