Abstract

A technique to improve computer security is to test an executable for the presence of malicious code without running the executable. This publication describes systems and techniques for machine learning on application-programming-interface-call (API-call) n-grams from static analysis to automatically determine whether an executable or shared library binary file includes indicators of malicious code. The systems and techniques generate API-call graphs from the file. From the API-call graphs, the systems and techniques generate n-grams. A machine-learned model, using the n-grams, then identifies malicious code or code that performs unwanted behavior.

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 License.

Recommended Citation

Boulgakov, Alexandre and Ren, Chuangang, "A Machine-Learned Model To Detect Malicious Code Using API-call N-grams From Static Analysis", Technical Disclosure Commons, (September 10, 2020)
https://www.tdcommons.org/dpubs_series/3590

Download

COinS

Technical Disclosure Commons

Defensive Publications Series

A Machine-Learned Model To Detect Malicious Code Using API-call N-grams From Static Analysis

Abstract

Creative Commons License

Recommended Citation

Browse

Search

Submit

Additional Information

Technical Disclosure Commons

Defensive Publications Series

A Machine-Learned Model To Detect Malicious Code Using API-call N-grams From Static Analysis

Inventor(s)

Abstract

Creative Commons License

Recommended Citation

Share

Browse

Search

Submit

Additional Information