Proposing A New Approach for Detecting Malware Based on the Event Analysis Technique
Nguyen Duc Viet1, Dang Dinh Quan2
1Nguyen Duc, Institute of Post and Telecommunications Technology, Hanoi University, Vietnam
2Dang Dinh Quan, Lecturer, Faculty of Information Technology, Hanoi University, Vietnam.
Manuscript received on 12 June 2023 | Revised Manuscript received on 23 June 2023 | Manuscript Accepted on 15 July 2023 | Manuscript published on 30 July 2023 | PP: 21-27 | Volume-12 Issue-8, July 2023 | Retrieval Number: 100.1/ijitee.H96510712823 | DOI: 10.35940/ijitee.H9651.0712823
Open Access | Editorial and Publishing Policies | Cite | Zenodo | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: The attack technique by the malware distribution form is a dangerous, difficult to detect and prevent attack method. Current malware detection studies and proposals are often based on two main methods: using sign sets and analyzing abnormal behaviors using machine learning or deep learning techniques. This paper will propose a method to detect malware on Endpoints based on Event IDs using deep learning. Event IDs are behaviors of malware tracked and collected on Endpoints’ operating system kernel. The malware detection proposal based on Event IDs is a new research approach that has not been studied and proposed much. To achieve this purpose, this paper proposes to combine different data mining methods and deep learning algorithms. The data mining process is presented in detail in section 2 of the paper.
Keywords: Malware detection; Endpoint; Event analysis technique; deep learning; Doc2Vec
Scope of the Article: Deep learning