English
Related papers

Related papers: Towards Generic Deobfuscation of Windows API Calls

200 papers

As malware continues to become more complex and harder to detect, Malware Analysis needs to continue to evolve to stay one step ahead. One promising key area approach focuses on using system calls and API Calls, the core communication…

Cryptography and Security · Computer Science 2025-06-03 Bishwajit Prasad Gond , Durga Prasad Mohapatra

Dynamic malware analysis executes the program in an isolated environment and monitors its run-time behaviour (e.g. system API calls) for malware detection. This technique has been proven to be effective against various code obfuscation…

Cryptography and Security · Computer Science 2020-01-27 Zhaoqi Zhang , Panpan Qi , Wei Wang

Nowadays, malware and malware incidents are increasing daily, even with various antivirus systems and malware detection or classification methodologies. Machine learning techniques have been the main focus of the security experts to detect…

Cryptography and Security · Computer Science 2022-08-05 Berkant Düzgün , Aykut Çayır , Ferhat Demirkıran , Ceyda Nur Kahya , Buket Gençaydın , Hasan Dağ

The use of operating system API calls is a promising task in the detection of PE-type malware in the Windows operating system. This task is officially defined as running malware in an isolated sandbox environment, recording the API calls…

Cryptography and Security · Computer Science 2021-02-23 Ferhat Ozgur Catak , Ahmet Faruk Yazı

Malware detection and classification remains a topic of concern for cybersecurity, since it is becoming common for attackers to use advanced obfuscation on their malware to stay undetected. Conventional static analysis is not effective…

Machine Learning · Computer Science 2025-06-02 Md Shahnawaz , Bishwajit Prasad Gond , Durga Prasad Mohapatra

Dynamic analysis methods effectively identify shelled, wrapped, or obfuscated malware, thereby preventing them from invading computers. As a significant representation of dynamic malware behavior, the API (Application Programming Interface)…

Cryptography and Security · Computer Science 2023-12-14 Pei Yan , Shunquan Tan , Miaohui Wang , Jiwu Huang

A commonly shared component of antivirus suites is a local database of malware signatures that is used during the static analysis process. Despite possible encryption, heuristic obfuscation, or attempts to hide this database from malicious…

Cryptography and Security · Computer Science 2017-05-17 Aubrey Alston

As computing systems become increasingly advanced and as users increasingly engage themselves in technology, security has never been a greater concern. In malware detection, static analysis, the method of analyzing potentially malicious…

Cryptography and Security · Computer Science 2018-05-22 Chan Woo Kim

In this work, we propose EarlyMalDetect, a novel approach for early Windows malware detection based on sequences of API calls. Our approach leverages generative transformer models and attention-guided deep recurrent neural networks to…

Cryptography and Security · Computer Science 2024-07-19 Pascal Maniriho , Abdun Naser Mahmood , Mohammad Jabed Morshed Chowdhury

Malware authors commonly use obfuscation to hide API identities in binary files, making analysis difficult and time-consuming for a human expert to understand the behavior and intent of the program. Automatic API prediction tools are…

Machine learning (ML) has been widely used to analyze API call sequences in malware analysis, which typically requires the expertise of domain specialists to extract relevant features from raw data. The extracted features play a critical…

Cryptography and Security · Computer Science 2025-12-02 Tianheng Qu , Hongsong Zhu , Limin Sun , Haining Wang , Haiqiang Fei , Zheng He , Zhi Li

We propose a deep learning approach for identifying malware families using the function call graphs of x86 assembly instructions. Though prior work on static call graph analysis exists, very little involves the application of modern,…

Cryptography and Security · Computer Science 2020-12-04 Thomas Dalton , Mauritius Schmidtler , Alireza Hadj Khodabakhshi

We consider the problem of detecting malware with deep learning models, where the malware may be combined with significant amounts of benign code. Examples of this include piggybacking and trojan horse attacks on a system, where malicious…

Cryptography and Security · Computer Science 2020-02-14 Keith Dillon

Network and system security are incredibly critical issues now. Due to the rapid proliferation of malware, traditional analysis methods struggle with enormous samples. In this paper, we propose four easy-to-extract and small-scale features,…

Cryptography and Security · Computer Science 2022-01-20 Zhenshuo Chen , Eoin Brophy , Tomas Ward

Malware attacks pose a significant threat in today's interconnected digital landscape, causing billions of dollars in damages. Detecting and identifying families as early as possible provides an edge in protecting against such malware. We…

Cryptography and Security · Computer Science 2025-02-19 Christofer Fellicious , Manuel Bischof , Kevin Mayer , Dorian Eikenberg , Stefan Hausotte , Hans P. Reiser , Michael Granitzer

In this paper, we explore the effectiveness of dynamic analysis techniques for identifying malware, using Hidden Markov Models (HMMs) and Profile Hidden Markov Models (PHMMs), both trained on sequences of API calls. We contrast our results…

Cryptography and Security · Computer Science 2019-01-23 Swapna Vemparala , Fabio Di Troia , Corrado A. Visaggio , Thomas H. Austin , Mark Stamp

Machine learning-based malware detectors are widely deployed in antivirus and endpoint detection systems, yet their reliance on static features makes them vulnerable to adversarial manipulation. This paper investigates whether a malware…

Cryptography and Security · Computer Science 2026-05-19 Juozas Dautartas , Olga Kurasova , Juozapas Rokas Čypas , Viktor Medvedev

We describe a novel approach to monitoring high level behaviors using concepts from AI planning. Our goal is to understand what a program is doing based on its system call trace. This ability is particularly important for detecting malware.…

Artificial Intelligence · Computer Science 2017-09-12 Alexandre Cukier , Ronen I. Brafman , Yotam Perkal , David Tolpin

Static analysis is a powerful tool for detecting security vulnerabilities and other programming problems. Global taint tracking, in particular, can spot vulnerabilities arising from complicated data flow across multiple functions. However,…

Software Engineering · Computer Science 2023-01-26 Yiu Wai Chow , Max Schäfer , Michael Pradel

The increasingly sophisticated environment in which attackers operate makes software security an even greater challenge in open-source projects, where malicious packages are prevalent. Static analysis tools, such as Malcontent, are highly…

Cryptography and Security · Computer Science 2026-01-27 Duc-Ly Vu , Thanh-Cong Nguyen , Minh-Khanh Vu , Ngoc-Thanh Nguyen , Kim-Anh Do Thi
‹ Prev 1 2 3 10 Next ›