UPM Institutional Repository

Nonnegative matrix factorization and metamorphic malware detection


Ling, Yeong Tyng and Mohd Sani, Nor Fazlida and Abdullah, Mohd Taufik and Abdul Hamid, Nor Asilah Wati (2019) Nonnegative matrix factorization and metamorphic malware detection. Journal of Computer Virology and Hacking Techniques, 15. pp. 195-208. ISSN 2274-2042; ESSN: 2263-8733


Metamorphic malware change their internal code structure by adopting code obfuscation technique while maintaining their malicious functionality during each infection. This causes change of their signature pattern across each infection and makes signature based detection particularly difficult. In this paper, through static analysis, we use similarity score from matrix factorization technique called Nonnegative Matrix Factorization for detecting challenging metamorphic malware. We apply this technique using structural compression ratio and entropy features and compare our results with previous eigenvector-based techniques. Experimental results from three malware datasets show this is a promising technique as the accuracy detection is more than 95%.

Download File

[img] Text (Abstract)
Nonnegative matrix factorization and metamorphic malware detection.pdf

Download (8kB)

Additional Metadata

Item Type: Article
Divisions: Faculty of Computer Science and Information Technology
DOI Number: https://doi.org/10.1007/s11416-019-00331-0
Publisher: Springer Nature Switzerland AG
Keywords: Metamorphic malware; Nonnegative matrix factorization; Dimension reduction; Structural analysis
Depositing User: Ms. Nida Hidayati Ghazali
Date Deposited: 29 Jan 2021 10:08
Last Modified: 29 Jan 2021 10:08
Altmetrics: http://www.altmetric.com/details.php?domain=psasir.upm.edu.my&doi=10.1007/s11416-019-00331-0
URI: http://psasir.upm.edu.my/id/eprint/81487
Statistic Details: View Download Statistic

Actions (login required)

View Item View Item