When Malware is Packin' Heat; Limits of Machine Learning Classifiers Based on Static Analysis Features

Hojjat Aghakhani (University of California, Santa Barbara), Fabio Gritti (University of California, Santa Barbara), Francesco Mecca (University of Turin), Martina Lindorfer (TU Wien), Stefano Ortolani (EURECOM), Davide Balzarotti (EURECOM), Giovanni Vigna (University of California, Santa Barbara), Christopher Kruegel (University of California, Santa Barbara)
January 1, 2020
Cited by 129 | Open Access

Abstract

Machine learning techniques are widely used in addition to signatures and heuristics to increase the detection rate of anti-malware software, as they automate the creation of detection models, making it possible to handle an ever-increasing number of new malware samples. In order to foil the analysis of anti-malware systems and evade detection, malware uses packing and other forms of obfuscation. However, few realize that benign applications use packing and obfuscation as well, to protect intellectual property and prevent license abuse.
