A Framework for Malware Detection Using Combination Technique and Signature Generation

摘要

Malware detection must apply sophisticated technique to minimize malware thread that can break computer operation. Nowadays malware writers try to avoid detection by using several techniques such as polymorphic, hiding and also zero day of attack. However, commercial anti-virus or anti-spyware that used signature-based matching to detects malware cannot solve that kind of attack. In order to overcome this issue, we propose a new framework for malware detection that combines signature-based technique and genetic algorithm technique. This framework consists of three main components such as s-based detection, GA detection and signature generator. These three main components will work together as interrelated process in our propose framework. Result from this study is the new framework that design to solve new launce malware and also to generate signature automatically that can be used on signature-based detection.