A Static Analysis Tool for Malware Detection

A Static Analysis Tool for Malware Detection

연구 분야: Safety

학회: 2021 International Conference on Data Analytics for Business and Industry (ICDABI)

Malware detection refers to the process of detecting the presence of Malware on a host system or of distinguishing whether a specific program is malicious. The different types of Malware created new challenges for the researchers to develop a concrete detection solution that can tackle the Malware effectively. Malware analysis can be classified into two methods: The first is done by analyzing the Malware statically without executing it. The second method is conducted by analyzing the Malware dynamically, which is conducted by monitoring it during its execution in an isolated, safe environment. This paper developed a tool that performs static analysis on the Malware to detect its behaviour. The tool works by extracting the suspected program’s APIs and checking if those APIs are malicious or not. The tool showed promising results and high accuracy to tell whether the analyzed program is Keylogger, Ransomware, Backdoor or benign. Moreover, some false-positive results appeared during the tests when trying to identify software like Zoom and Team Viewer.