Noble Feature Extraction of Malware from Contents of File

International Journal of Computer Trends and Technology (IJCTT)          
 
© 2017 by IJCTT Journal
Volume-48 Number-4
Year of Publication : 2017
Authors : Hemant J. Chaudhari, Prof. M. S. Mahindrakar
DOI : 10.14445/22312803/IJCTT-V48P135

MLA

Hemant J. Chaudhari, Prof. M. S. Mahindrakar "Noble Feature Extraction of Malware from Contents of File". International Journal of Computer Trends and Technology (IJCTT) V48(4):192-195, June 2017. ISSN:2231-2803. www.ijcttjournal.org. Published by Seventh Sense Research Group.

Abstract -
Malware family identification is a critical process that involves extracting distinctive properties from a set of malware samples. Nowadays, many malware authors use techniques such as encryption and obfuscation to prevent identification of the unique properties of their programs. In this paper, we present feature extraction of malware from the contents of the file. First, we scan the sample dataset or executable file with the VirusTotal online tool [4], then disassemble the file using the IDA Pro tool [1]; convert the file into N-gram sequential patterns using the KfNgram tool [2]; measure the symbols, sections and metadata used; and finally calculate the entropy. Our goal in this research is to introduce a noble set of features for understanding malware features.
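The N-gram and entropy steps listed in the abstract can be sketched directly over a file's raw bytes. This is an added example, not the paper's code: the paper uses KfNgram and IDA Pro, while the function names, window size and constructed sample buffer below are assumptions made for illustration.

```python
import math
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte, from 0.0 (constant) to 8.0 (uniform)."""
    if not data:
        return 0.0
    n = len(data)
    return sum((c / n) * math.log2(n / c) for c in Counter(data).values())

def byte_ngrams(data: bytes, n: int = 2) -> Counter:
    """Count overlapping byte n-grams, keyed by their hex string."""
    return Counter(data[i:i + n].hex() for i in range(len(data) - n + 1))

def window_entropy(data: bytes, size: int = 256) -> list:
    """Entropy of each non-overlapping window.

    A whole-file figure can hide a small packed or encrypted region;
    per-window values expose it as a local spike.
    """
    return [shannon_entropy(data[i:i + size]) for i in range(0, len(data), size)]

def extract_features(data: bytes, n: int = 2, top: int = 3) -> dict:
    """Build a small feature record from file contents (hypothetical layout)."""
    return {
        "size": len(data),
        "entropy": shannon_entropy(data),
        "max_window_entropy": max(window_entropy(data), default=0.0),
        "top_ngrams": byte_ngrams(data, n).most_common(top),
    }

# Constructed sample: 256 zero bytes (padding-like) followed by every byte
# value once (uniform, as encrypted or compressed data would appear).
SAMPLE = bytes(256) + bytes(range(256))

if __name__ == "__main__":
    print(extract_features(SAMPLE))
```

On the constructed sample the whole-file entropy is moderate while the second window reaches the 8-bit maximum, which is why the per-window value is kept as its own feature.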

References
[1] IDA-Pro tool, available at http://www.hex-rays.com
[2] KfNgram tool, available at http://www.kwicfinder.com/kfNgram
[3] HxD Tool, available at https://mhnexus.de/en/downloads.php?product=HxD
[4] Virus-Total online tool, available at https://www.virustotal.com
[5] Hex-to-text Converter online tool, available at http://www.rapidtables.com/convert/number/hex-to-ascii.html
[6] Count number of lines online tool, available at https://www.tools4noobs.com/onlinetools
[7] VXheavens Website for Datasets, available at http://vx.netlux.org
[8] Chatchai Liangboonprakong, Ohm Sornil (Bangkok, Thailand), "Classification of Malware Families Based on N-grams Sequential Pattern Features", IEEE, 2013.
[9] Mansour Ahmadi, Dmitry Ulyanov (University of Cagliari, Italy), "Novel Feature Extraction, Selection and Fusion for Effective Malware Family Classification", CODASPY '16, March 09-11, 2016, New Orleans, LA, USA.
[10] Smita Ranveer, Swapnaja Hiray (Sinhgad College of Engineering, Pune), "Comparative Analysis of Feature Extraction Methods of Malware Detection", International Journal of Computer Applications (0975-8887), Volume 120, No. 5, June 2015.
[11] Robert Lyda (Sparta), James Hamrock (McDonald Bradley), "Using Entropy Analysis to Find Encrypted and Packed Malware", IEEE Security & Privacy, 1540-7993/07, 2007.

Keywords
Feature Extraction of Malware, N-gram, Sequential pattern, Malware features, Set of attributes, Metadata, Malicious Symbols, Sections, Entropy.