Scientific Information Center: Scientific Information Database (SID) - Trusted Source for Research and Academic Resources

Information Journal Paper

Title

A Malware Detection Method Based on Static Analysis of PE Structure

Pages

  187-201

Abstract

This article studies and compares malware families and malware detection methods, and proposes a new and efficient method for malware detection by static analysis. The proposed method is based on the PE structure of executable files. It introduces new features, such as the number, names and sizes of sections, the names of system calls and their libraries in the IAT and EAT tables, the entry point, and entropy, and distinguishes malware from benign files by closely examining the PE structure and headers of these files. Through the formulas of the proposed method, these features assign positive and negative points that determine how malicious or benign an unknown executable file is. We extracted these features by data mining a large data set of nearly 15000 malware samples and 13500 benign files, and used machine learning techniques to train an intelligent rule-based model for malware detection. The proposed method clusters malware into 5 families and benign files into 2 families. The article evaluates the accuracy of the proposed method in detecting and clustering malware and benign files, and indicates that it can detect and cluster malware with more than 95 percent accuracy, competing with other methods and ranking second.

Cite

    APA:

    Javaheri, Danial, & PARSA, S. (2014). A Malware Detection Method Based on Static Analysis of PE Structure. (JOURNAL OF ADVANCED DEFENCE SCIENCE AND TECHNOLOGY) JOURNAL OF PASSIVE DEFENCE SCIENCE AND TECHNOLOGY, 5(3), 187-201. SID. https://sid.ir/paper/167347/en

    Vancouver:

    Javaheri Danial, PARSA S. A Malware Detection Method Based on Static Analysis of PE Structure. (JOURNAL OF ADVANCED DEFENCE SCIENCE AND TECHNOLOGY) JOURNAL OF PASSIVE DEFENCE SCIENCE AND TECHNOLOGY [Internet]. 2014;5(3):187-201. Available from: https://sid.ir/paper/167347/en

    IEEE:

    Danial Javaheri and S. PARSA, “A Malware Detection Method Based on Static Analysis of PE Structure,” (JOURNAL OF ADVANCED DEFENCE SCIENCE AND TECHNOLOGY) JOURNAL OF PASSIVE DEFENCE SCIENCE AND TECHNOLOGY, vol. 5, no. 3, pp. 187–201, 2014, [Online]. Available: https://sid.ir/paper/167347/en
