Dynamic Binary Analysis and Code Similarity Detection Techniques for Unveiling Polymorphic and Metamorphic Malware Variants in Evasive Attack Campaigns
Keywords:
Polymorphic malware, Metamorphic malware, Dynamic binary analysis, Code similarity detection, Malware evasion, Cybersecurity
Abstract
Polymorphic and metamorphic malware present significant challenges to cybersecurity due to their ability to alter their code structure while maintaining functionality. Traditional signature-based detection techniques often fail to recognize such variants, necessitating the development of dynamic binary analysis and code similarity detection techniques. This paper explores various methodologies for analyzing and detecting polymorphic and metamorphic malware using dynamic binary analysis and similarity-based approaches. We discuss the role of machine learning models, graph-based analysis, and symbolic execution in identifying malware mutations and evasion techniques. By evaluating recent advancements and methodologies, we highlight the effectiveness of modern detection systems and their applicability in real-world scenarios. Additionally, the study presents empirical results demonstrating the detection accuracy of different approaches.
License
Copyright (c) -1 M. D. Manikas (Author)

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.