Malware Analysis with Multiple Features
Malware analysis process is being categorized into static analysis and dynamic analysis. Both static and dynamic analysis have their own strengths and weaknesses. In this paper, we present a tool written in Python programming language called as pi-ngaji, which could assist the work of malware analys...
Main Authors: | Ahmad Zabidi, Muhammad Najmi; Maarof, Mohd Aizaini; Zainal, Anazida |
---|---|
Format: | Conference or Workshop Item |
Language: | English |
Published: | 2012 |
Subjects: | QA75 Electronic computers. Computer science; QA76 Computer software |
Online Access: | http://irep.iium.edu.my/23655/ http://irep.iium.edu.my/23655/4/najmi_conf_UKSim2012_4682z004.pdf http://irep.iium.edu.my/23655/7/najmi_conf_full_paperUKSim2012.pdf |
id |
iium-23655 |
---|---|
recordtype |
eprints |
spelling |
iium-23655 2012-07-27T01:26:59Z http://irep.iium.edu.my/23655/ Malware Analysis with Multiple Features Ahmad Zabidi, Muhammad Najmi; Maarof, Mohd Aizaini; Zainal, Anazida QA75 Electronic computers. Computer science; QA76 Computer software Malware analysis process is being categorized into static analysis and dynamic analysis. Both static and dynamic analysis have their own strengths and weaknesses. In this paper, we present a tool written in Python programming language called as pi-ngaji, which could assist the work of malware analyst to get the static features of malware. pi-ngaji contains several modules - Application Programming Interface (API) calls extractor, binary entropy information, anti virtual machine and anti debugger detector and XOR encrypted strings decryptor. pi-ngaji was developed in order to assist our work in getting malware features. pi-ngaji is focusing on ripping Microsoft Windows executable binaries' malicious features. 2012-03-30 Conference or Workshop Item PeerReviewed application/pdf en http://irep.iium.edu.my/23655/4/najmi_conf_UKSim2012_4682z004.pdf application/pdf en http://irep.iium.edu.my/23655/7/najmi_conf_full_paperUKSim2012.pdf Ahmad Zabidi, Muhammad Najmi and Maarof, Mohd Aizaini and Zainal, Anazida (2012) Malware Analysis with Multiple Features. In: UKSim 14th International Conference on Computer Modelling and Simulation, UKSim2012 (UKSim2012), 28-30th March 2012, University of Cambridge, United Kingdom. (Unpublished) http://www.uksim2012.info/ |
repository_type |
Digital Repository |
institution_category |
Local University |
institution |
International Islamic University Malaysia |
building |
IIUM Repository |
collection |
Online Access |
language |
English |
topic |
QA75 Electronic computers. Computer science; QA76 Computer software |
description |
Malware analysis process is being categorized into static analysis and dynamic analysis. Both static and dynamic analysis have their own strengths and weaknesses. In this paper, we present a tool written in Python programming language called as pi-ngaji, which could assist the work of malware analyst to get the static features of malware. pi-ngaji contains several modules - Application Programming Interface (API) calls extractor, binary entropy information, anti virtual machine and anti debugger detector and XOR encrypted strings decryptor. pi-ngaji was developed in order to assist our work in getting malware features. pi-ngaji is focusing on ripping Microsoft Windows executable binaries' malicious features. |
format |
Conference or Workshop Item |
author |
Ahmad Zabidi, Muhammad Najmi; Maarof, Mohd Aizaini; Zainal, Anazida |
author_sort |
Ahmad Zabidi, Muhammad Najmi |
title |
Malware Analysis with Multiple Features |
publishDate |
2012 |
url |
http://irep.iium.edu.my/23655/ http://irep.iium.edu.my/23655/4/najmi_conf_UKSim2012_4682z004.pdf http://irep.iium.edu.my/23655/7/najmi_conf_full_paperUKSim2012.pdf |
first_indexed |
2023-09-18T20:35:45Z |
last_indexed |
2023-09-18T20:35:45Z |
_version_ |
1777409034172760064 |