Computer Science and Information Technology Vol. 4(3), pp. 85 - 91
DOI: 10.13189/csit.2016.040301
Detecting Malicious Behaviors of Software through Analysis of API Sequence k-grams
Hyun-il Lim *
Department of Computer Engineering, Kyungnam University, South Korea
ABSTRACT
Software is now widely applied to increase accuracy, efficiency, and convenience in many areas of daily life, and it has become essential in modern computing environments. Despite these valuable applications, malicious behaviors caused by software vulnerabilities threaten the security of those environments, so it is important to identify and detect malicious behaviors of software in order to maintain them. In this paper, we propose an approach to detecting malicious behaviors of software by analyzing information about API function calls. API function calls are essential in software development for using the various services provided by operating systems or devices. In addition, API functions can describe the behaviors of software because they perform predefined, specific operations during program execution. We classify the API functions of Microsoft Windows operating systems and propose an approach to representing malicious behaviors of software with API functions. We then propose an approach to detecting malicious behaviors of software by analyzing dynamic API function calls. To increase the efficiency and the tolerance of the analysis, malicious behaviors are abstracted as sets of k-grams, and they can be identified by calculating the similarity between these sets of k-grams and a sequence of API function calls.
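The k-gram matching described in the abstract, sketched as an added example that is not code from the paper. The containment score, k = 3, the 0.5 threshold, the signature name and both API traces are assumptions constructed for illustration; the abstract does not state which similarity measure the paper uses.

```python
from __future__ import annotations
from typing import Sequence

def kgrams(calls: Sequence[str], k: int) -> set[tuple[str, ...]]:
    """Set of contiguous k-length windows over an API call sequence."""
    if k < 1:
        raise ValueError("k must be >= 1")
    # A trace shorter than k yields an empty set (range() is empty).
    return {tuple(calls[i:i + k]) for i in range(len(calls) - k + 1)}

def containment(behavior: set, trace: set) -> float:
    """Fraction of the behavior's k-grams that occur in the trace.
    Assumed measure: asymmetric, so long benign stretches of a trace
    do not dilute a match the way a plain Jaccard index would."""
    return len(behavior & trace) / len(behavior) if behavior else 0.0

def detect(trace: Sequence[str], signatures: dict[str, list[str]],
           k: int = 3, threshold: float = 0.5) -> dict[str, float]:
    """Return {signature name: score} for signatures at or above threshold."""
    trace_grams = kgrams(trace, k)
    scores = {name: containment(kgrams(sig, k), trace_grams)
              for name, sig in signatures.items()}
    return {n: s for n, s in scores.items() if s >= threshold}

# Constructed behavior abstraction (hypothetical, not from the paper):
# enumerate files, read one, then push data over a socket.
SIGNATURES = {
    "read_file_then_send": ["FindFirstFileW", "CreateFileW", "ReadFile",
                            "CloseHandle", "socket", "connect", "send"],
}

# Constructed dynamic traces. The first interleaves unrelated calls with
# the behavior, which breaks an exact subsequence match but leaves most
# k-grams intact; the second is an ordinary file copy.
NOISY_TRACE = ["LoadLibraryW", "FindFirstFileW", "CreateFileW", "ReadFile",
               "GetLastError", "CloseHandle", "socket", "connect", "send",
               "closesocket"]
BENIGN_TRACE = ["CreateFileW", "ReadFile", "CloseHandle",
                "CreateFileW", "WriteFile", "CloseHandle"]

if __name__ == "__main__":
    print(detect(NOISY_TRACE, SIGNATURES))   # flagged, 3 of 5 k-grams
    print(detect(BENIGN_TRACE, SIGNATURES))  # not flagged, 1 of 5 k-grams
```

The inserted `GetLastError` call destroys two of the five signature k-grams, yet the remaining three still clear the threshold, which is the tolerance the set abstraction buys over exact sequence matching.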
KEYWORDS
Malware Detection, Software Behavior Analysis, Malicious Behavior, Dynamic API Analysis
Cite This Paper in IEEE or APA Citation Styles
(a). IEEE Format:
[1] Hyun-il Lim, "Detecting Malicious Behaviors of Software through Analysis of API Sequence k-grams," Computer Science and Information Technology, Vol. 4, No. 3, pp. 85 - 91, 2016. DOI: 10.13189/csit.2016.040301.
(b). APA Format:
Hyun-il Lim (2016). Detecting Malicious Behaviors of Software through Analysis of API Sequence k-grams. Computer Science and Information Technology, 4(3), 85 - 91. DOI: 10.13189/csit.2016.040301.