ACTM: API Call Transition Matrix-based Malware Detection Method

Traditional malware detection techniques, such as signature-based detection and traditional antivirus software, are not beneficial for detecting many recent malware threats. In this paper, we propose a novel malware detection technique, API call transition matrix-based malware detection (ACTM), that...

Full description

Saved in:
Bibliographic Details
Main Authors: Sruthi, V. Mohana, Thanudas, B., Sreelal, S., Chakraborty, Abhishek, Manoj, B. S.
Format: Conference Proceeding
Language:English
Subjects:
ACTM
API call signature
API call transition matrix
Data collection
Feature extraction
machine learning algorithms
Malware
malware detection
Monitoring
Runtime
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Traditional malware detection techniques, such as signature-based detection and traditional antivirus software, are not beneficial for detecting many recent malware threats. In this paper, we propose a novel malware detection technique, API call transition matrix-based malware detection (ACTM), that efficiently detects malware based on their runtime behavior. We find that the ACTM technique performs better and detects malware with approximately 95.23% accuracy. ACTM can find applications in designing real-time malware detection when an enterprise network security system is concerned.
ISSN:2153-1684
DOI:10.1109/ANTS.2018.8710081