ICARIS
2009
Springer

A Sense of 'Danger' for Windows Processes

The sophistication of modern computer malware demands run-time malware detection strategies that are not only efficient but also robust to obfuscation and evasion attempts. In this paper, we investigate the suitability of the recently proposed Dendritic Cell Algorithms (DCA), both the classical DCA (cDCA) and the deterministic DCA (dDCA), for malware detection at run-time. We have collected API call traces of real malware and of benign processes running on the Windows operating system. We evaluate the accuracy of cDCA and dDCA in classifying processes as malware or benign using their API call sequences. Moreover, we also study the effects of the antigen multiplier and of time-windows on the detection accuracy of both algorithms.

Key words: API Call Sequence, Artificial Immune System, Dendritic Cell Algorithm, Malware Detection
Added 26 May 2010
Updated 26 May 2010
Type Conference
Year 2009
Where ICARIS
Authors Salman Manzoor, M. Zubair Shafiq, S. Momina Tabish, Muddassar Farooq