Malware detection using opcodes statistical features

摘要

In recent years, malicious software has affected and overshadowed personal computer and computer network securities. For this reason, searching for innovative solutions to detect malware has become increasingly important. In this paper, we develop a malware detection method using similarity measurement algorithms. The purpose of the proposed method is to improve the malware detection rate and detection speed. This method, compared to other static detection techniques, has many advantages, such as a much higher speed due to the direct use of opcodes and better detection results due to being uninfluenced by obfuscation and disassembly techniques. We also evaluate these malware detection algorithms by using the most up-to-date antivirus software. Experimental results show that the proposed method has a detection rate of 90%, while the most up-to-date antivirus software has an average detection rate of about 40%. It is found that the proposed method increases the speed of detection program by 30% compared to the existing techniques.