Malware Detection Based on Opcode Dynamic Analysis
DOI:
https://doi.org/10.4108/eai.22-6-2021.170239Keywords:
Malware Detection, Opcodes, Dynamic DetectionAbstract
Malware detection is an important problem in the field of information security. Opcodes are the most direct information reflecting the execution behavior of malware, The malware based on the dynamic analysis of opcodes also faces some challenges: the acquisition of the operating code information in the execution process of the malware; the high false alarm rate in the detection process and the large system overhead caused by the malware detection in the application layer. In order to deal with the above problems, this paper proposes a new scheme for dynamic opcode acquisition, the opcode information obtained from the software runtime is used for offline analysis. The detection accuracy of off-line malware can reach 99.85%, which is superior to the traditional technology. Moreover, this paper proposes an online detection scheme: CPU built-in malware monitoring model (CBMM), which can solve the problem that it is difficult to accurately identify the execution trajectory of malware in the current malware detection process, at the same time, this model can monitor malware in real time. Finally, we implement our model by VerilogHDL, functional simulation was carried out in modelsim simulation software and its implementation cost was analyzed.
Downloads
Published
Issue
Section
License
Copyright (c) 2022 EAI Endorsed Transactions on Security and Safety
This work is licensed under a Creative Commons Attribution 3.0 Unported License.
This is an open-access article distributed under the terms of the Creative Commons Attribution CC BY 4.0 license, which permits unlimited use, distribution, and reproduction in any medium so long as the original work is properly cited.
