Skip to main content
SpringerLink
Log in

Improving Malware Detection with a Novel Dataset Based on API Calls

  • Conference paper
  • First Online:
17th International Conference on Soft Computing Models in Industrial and Environmental Applications (SOCO 2022) (SOCO 2022)

Part of the book series: Lecture Notes in Networks and Systems ((LNNS,volume 531))

Abstract

In this paper, we analyze current methods to distinguish malware from benign software using Machine Learning (ML) and feature engineering techniques that have been implemented in recent years. Moreover, we build a new dataset based on API calls gathered from software analysis, conforming more than 30000 samples belonging to malware as well as benign software. Finally, we test this dataset with an existing model that achieves accuracy rates close to 97% with a different, smaller dataset, identifying interesting results that can open new research opportunities in this field.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://drive.google.com/file/d/1SMBL3wvyFDOHXxC9zz3IRLcp1BdW8ZqL/view?usp=sharing.

References

  1. Alazab, M., Venkatraman, S., Watters, P., Alazab, M., Alazab, A.: Cybercrime: the case of obfuscated malware. In: Global Security, Safety and Sustainability & E-Democracy, pp. 204–211 (2012)

    Google Scholar 

  2. Yuan, X.: PhD Forum: deep learning-based real-time malware detection with multi-stage analysis. In: 2017 IEEE International Conference On Smart Computing (SMARTCOMP), pp. 1–2 (2017)

    Google Scholar 

  3. Wang, W., Zhu, M., Zeng, X., Ye, X., Sheng, Y.: Malware traffic classification using convolutional neural network for representation learning. In: 2017 International Conference on Information Networking (ICOIN), pp. 712–717 (2017)

    Google Scholar 

  4. Singh, J., Singh, J.: A survey on machine learning-based malware detection in executable files. J. Syst. Archit. 112, 101861 (2021). https://www.sciencedirect.com/science/article/pii/S1383762120301442

  5. Sami, A., Yadegari, B., Rahimi, H., Peiravian, N., Hashemi, S., Hamze, A.: Malware detection based on mining API calls. In: Proceedings of the 2010 ACM Symposium on Applied Computing, pp. 1020–1025 (2010). https://doi.org/10.1145/1774088.1774303

  6. Trinius, P., Willems, C., Holz, T., Rieck, K.: A malware instruction set for behavior-based analysis. None (2009). https://madoc.bib.uni-mannheim.de/2579/

  7. Rabadi, D., Teo, S.: Advanced windows methods on malware detection and classification. In: Annual Computer Security Applications Conference, pp. 54–68 (2020). https://doi.org/10.1145/3427228.3427242

  8. Gamage, S., Samarabandu, J.: Deep learning methods in network intrusion detection: a survey and an objective comparison. J. Netw. Comput. Appl. 169, 102767 (2020). https://www.sciencedirect.com/science/article/pii/S1084804520302411

  9. Zhang, Z., Qi, P., Wang, W.: Dynamic malware analysis with feature engineering and feature learning. Proc. AAAI Conf. Artif. Intell. 34, 1210–1217 (2020). https://ojs.aaai.org/index.php/AAAI/article/view/5474

  10. Weinberger, K., Dasgupta, A., Langford, J., Smola, A., Attenberg, J.: Feature hashing for large scale multitask learning. In: Proceedings of the 26th Annual International Conference on Machine Learning, pp. 1113–1120 (2009). https://doi.org/10.1145/1553374.1553516

  11. Ioffe, S., Szegedy, C.: Batch normalization: accelerating deep network training by reducing internal covariate shift. In: Proceedings of the 32nd International Conference On Machine Learning, vol. 37, pp. 448–456 (2015). https://proceedings.mlr.press/v37/ioffe15.html

  12. Dauphin, Y., Fan, A., Auli, M., Grangier, D.: Language modeling with gated convolutional networks. In: Proceedings of the 34th International Conference on Machine Learning, vol. 70, pp. 933–941 (2017). https://proceedings.mlr.press/v70/dauphin17a.html

  13. Young, T., Hazarika, D., Poria, S., Cambria, E.: Recent trends in deep learning based natural language processing [review article]. IEEE Comput. Intell. Magaz. 13, 55–75 (2018)

    Article  Google Scholar 

  14. Refaeilzadeh, P., Tang, L., Liu, H.: Cross-Validation. In: Encyclopedia of Database Systems, pp. 1–7 (2016)

    Google Scholar 

  15. Fawcett, T.: An introduction to ROC analysis. Pattern Recogn. Lett. 27, 861–874 (2006). https://www.sciencedirect.com/science/article/pii/S016786550500303X. ROC Analysis in Pattern Recognition

Download references

Author information

Authors and Affiliations

  1. Universidad de Alicante, Alicante, Spain

    Manuel Torres, Rafael Álvarez & Miguel Cazorla

Authors
  1. Manuel Torres
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Rafael Álvarez
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Miguel Cazorla
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Manuel Torres .

Editor information

Editors and Affiliations

  1. Faculty of Engineering, University of Deusto, Bilbao, Spain

    Pablo García Bringas

  2. University of León, León, Spain

    Hilde Pérez García

  3. Mechanical Engineering Department, University of La Rioja, Logroño, La Rioja, Spain

    Francisco Javier Martinez-de-Pison

  4. Inteligencia Artificial, University of Oviedo, A Coruña, La Coruña, Spain

    José Ramón Villar Flecha

  5. Data Science and Big Data Lab, Pablo de Olavide University, Sevilla, Spain

    Alicia Troncoso Lora

  6. University of Oviedo, Oviedo, Spain

    Enrique A. de la Cal

  7. Department of Civil Engineering, University of Burgos, Burgos, Spain

    Álvaro Herrero

  8. School of engineering, Pablo Olavide University, Seville, Spain

    Francisco Martínez Álvarez

  9. DIGIP, University of Bergamo, Dalmine, Bergamo, Italy

    Giuseppe Psaila

  10. Department of Industrial Engineering, University of A Coruña, Ferrol, Spain

    Héctor Quintián

  11. Department of Computing Science, University of Salamanca, Salamanca, Spain

    Emilio S. Corchado Rodriguez

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Torres, M., Álvarez, R., Cazorla, M. (2023). Improving Malware Detection with a Novel Dataset Based on API Calls. In: García Bringas, P., et al. 17th International Conference on Soft Computing Models in Industrial and Environmental Applications (SOCO 2022). SOCO 2022. Lecture Notes in Networks and Systems, vol 531. Springer, Cham. https://doi.org/10.1007/978-3-031-18050-7_28

Download citation

Publish with us

Policies and ethics

Search

Navigation