Show simple item record

dc.contributor.authorNamanya, Anitta P.
dc.contributor.authorAwan, Irfan U.
dc.contributor.authorDisso, J.P.
dc.contributor.authorYounas, M.
dc.date.accessioned2019-07-09T12:17:21Z
dc.date.accessioned2019-07-12T11:15:43Z
dc.date.available2019-07-09T12:17:21Z
dc.date.available2019-07-12T11:15:43Z
dc.date.issued2019
dc.identifier.citationNamanya AP, Awan IU, Disso JP et al (2019) Similarity hash based scoring of portable executable files for efficient malware detection in IoT. Future Generation Computer Systems. Accepted for Publication.en_US
dc.identifier.urihttp://hdl.handle.net/10454/17168
dc.descriptionYesen_US
dc.description.abstractThe current rise in malicious attacks shows that existing security systems are bypassed by malicious files. Similarity hashing has been adopted for sample triaging in malware analysis and detection. File similarity is used to cluster malware into families such that their common signature can be designed. This paper explores four hash types currently used in malware analysis for portable executable (PE) files. Although each hashing technique produces interesting results, when applied independently, they have high false detection rates. This paper investigates into a central issue of how different hashing techniques can be combined to provide a quantitative malware score and to achieve better detection rates. We design and develop a novel approach for malware scoring based on the hashes results. The proposed approach is evaluated through a number of experiments. Evaluation clearly demonstrates a significant improvement (> 90%) in true detection rates of malware.en_US
dc.language.isoenen_US
dc.publisherElsevier
dc.relation.isreferencedbyhttps://doi.org/10.1016/j.future.2019.04.044en_US
dc.rights© 2019 Elsevier B.V. All rights reserved. Reproduced in accordance with the publisher's self-archiving policy. This manuscript version is made available under the CC-BY-NC-ND 4.0 license.en_US
dc.subjectMalwareen_US
dc.subjectStatic analysisen_US
dc.subjectDetectionen_US
dc.subjectHashesen_US
dc.subjectInternet of thingsen_US
dc.titleSimilarity hash based scoring of portable executable files for efficient malware detection in IoTen_US
dc.status.refereedYesen_US
dc.date.Accepted2019-04-19
dc.date.application2019-05-14
dc.typeArticleen_US
dc.date.EndofEmbargo2020-05-15
dc.type.versionAccepted manuscripten_US
dc.description.publicnotesThe full-text of this article will be released for public view at the end of the publisher embargo on 15 May 2020.en_US
dc.date.updated2019-07-09T11:17:24Z
refterms.dateFOA2019-07-12T11:16:20Z


Item file(s)

Thumbnail
Name:
2019_Irfan_FG.PDF
Size:
1.185Mb
Format:
Unknown
Description:
To keep suppressed
Thumbnail
Name:
Awan_et_al_FGCS.pdf
Size:
1.561Mb
Format:
PDF

This item appears in the following Collection(s)

Show simple item record