
Evolution of Malware and Its Detection Techniques

  • Conference paper
Information and Communication Technology for Sustainable Development

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 933)

Abstract

In today's world, information is one of the most valuable assets, but it is under serious threat from evolving, sophisticated second-generation malware, which can enter networks, quietly exfiltrate confidential data from computing devices, cripple infrastructure, and so on. To detect such malware, various techniques have been proposed over time, ranging from early signature-based detection to machine/deep learning techniques. This paper therefore presents an overview of the evolution of malware and of its detection techniques. It discusses in detail the various types of second-generation malware and the popular techniques used to detect them, viz. signature matching, heuristic methods, normalization, and machine/deep learning techniques.
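The abstract names signature matching and normalization as two of the detection techniques the paper surveys. The following Python example is added here and is not code from the paper: it shows why an exact signature fails against a variant that inserts junk instructions and substitutes semantically equivalent ones (the kind of transformation a polymorphic/metamorphic engine applies), and how a small normalizer that undoes those transformations restores the match. The signature, the two samples and the equivalence table are constructed pseudo-assembly token lists assumed for the demo, not real malware or real scanner signatures.

```python
"""Signature matching vs. a junk-insertion / instruction-substitution variant,
and a normalizer that undoes the obfuscation before matching.

Everything below is constructed for the demo: the instruction sequences are
pseudo-assembly token lists, not disassembled real binaries, and the signature
is an assumption chosen to illustrate the technique.
"""
from typing import List, Sequence

# Constructed "signature": the exact instruction sequence the scanner looks for.
SIGNATURE: List[str] = [
    "push ebp", "mov ebp, esp", "xor eax, eax", "mov [ebx], eax", "ret",
]

# Constructed original sample: contains the signature verbatim.
ORIGINAL: List[str] = ["nop"] + SIGNATURE + ["int 3"]

# Constructed variant: same behaviour, but junk inserted and one instruction
# replaced by an equivalent one, so the byte/token sequence no longer matches.
VARIANT: List[str] = [
    "push ebp",
    "nop",                   # junk insertion
    "mov ebp, esp",
    "push ecx", "pop ecx",   # junk pair with no net effect on registers
    "sub eax, eax",          # semantically equal to "xor eax, eax"
    "mov [ebx], eax",
    "ret",
]

# Instructions a scanner may drop outright (assumed junk set for the demo).
JUNK = {"nop"}

# Canonical forms for instructions a metamorphic engine swaps for each other
# (assumed equivalence table for the demo).
EQUIVALENTS = {
    "sub eax, eax": "xor eax, eax",
    "mov eax, 0": "xor eax, eax",
}


def signature_match(tokens: Sequence[str], signature: Sequence[str]) -> bool:
    """Exact, position-independent match of `signature` inside `tokens`."""
    n, m = len(tokens), len(signature)
    if m == 0 or m > n:
        return False
    return any(list(tokens[i:i + m]) == list(signature) for i in range(n - m + 1))


def _is_cancelling_pair(a: str, b: str) -> bool:
    """`push R` immediately followed by `pop R` leaves register state unchanged."""
    return a.startswith("push ") and b == "pop " + a[len("push "):]


def normalize(tokens: Sequence[str]) -> List[str]:
    """Undo junk insertion and instruction substitution.

    1. Drop known junk instructions.
    2. Map substituted instructions to their canonical form.
    3. Remove adjacent push/pop pairs on the same register, repeating until
       no further pair is found (removing one pair can expose another).
    """
    out = [EQUIVALENTS.get(t, t) for t in tokens if t not in JUNK]
    changed = True
    while changed:
        changed = False
        reduced: List[str] = []
        i = 0
        while i < len(out):
            if i + 1 < len(out) and _is_cancelling_pair(out[i], out[i + 1]):
                i += 2          # skip the cancelling pair
                changed = True
            else:
                reduced.append(out[i])
                i += 1
        out = reduced
    return out


def scan(tokens: Sequence[str], signature: Sequence[str]):
    """Return (raw_hit, normalized_hit) for one sample against one signature."""
    return signature_match(tokens, signature), signature_match(normalize(tokens), signature)


if __name__ == "__main__":
    for name, sample in (("original", ORIGINAL), ("variant", VARIANT)):
        raw, norm = scan(sample, SIGNATURE)
        print(f"{name:8s} raw_match={raw} normalized_match={norm}")
```

Running it shows the original sample matching both ways, while the variant is missed by the raw scan and caught only after normalization. The demo assumes the junk pair is adjacent; a real normalizer works on disassembled code and must check that nothing between the `push` and the `pop` touches the stack or depends on the pushed value before cancelling them, and it does nothing for encrypted or packed payloads, which is where the heuristic and machine-learning methods named in the abstract come in.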



Author information

Corresponding author: Sanjay K. Sahay


Copyright information

© 2020 Springer Nature Singapore Pte Ltd.

About this paper


Cite this paper

Sahay, S.K., Sharma, A., Rathore, H. (2020). Evolution of Malware and Its Detection Techniques. In: Tuba, M., Akashe, S., Joshi, A. (eds) Information and Communication Technology for Sustainable Development. Advances in Intelligent Systems and Computing, vol 933. Springer, Singapore. https://doi.org/10.1007/978-981-13-7166-0_14
