Article Per Year (5 Year)
p-Index From 2021 - 2026
0
P-Index
This Author published in this journals
All Journal International Journal of Electrical and Computer Engineering TELKOMNIKA (Telecommunication Computing Electronics and Control) Bulletin of Electrical Engineering and Informatics Bulletin of Electrical Engineering and Informatics Bulletin of Electrical Engineering and Informatics
Ismahani Ismail
Universiti Teknologi Malaysia
Computer Science & IT Electrical & Electronics Engineering Engineering

Published : 6 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 2 Documents
Search
Journal : TELKOMNIKA (Telecommunication Computing Electronics and Control)

 1 
Metamorphic Malware Detection Based on Support Vector Machine Classification of Malware Sub-Signatures Ban Mohammed Khammas; Alireza Monemi; Ismahani Ismail; Sulaiman Mohd Nor; M.N. Marsono
TELKOMNIKA (Telecommunication Computing Electronics and Control) Vol 14, No 3: September 2016
Publisher : Universitas Ahmad Dahlan

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.12928/telkomnika.v14i3.3850

Abstract

Achieving accurate and efficient metamorphic malware detection remains a challenge. Metamorphic malware is able to mutate and alter its code structure in each infection, with some vital functionality and codesegment remain unchanged. We exploit these unchanged features for detecting metamorphic malware detection using Support Vector Machine(SVM) classifier. n-gram features are extracted directly from sample malware binaries to avoid disassembly, which are then masked with the extracted Snort signature n-grams. These masked features reduce considerably the number of selected n-gram features. Our method is capable to accurately detect metamorphic malware with ~99 % accuracy and low false positive rate. The proposed method is also superior than commercially available anti-viruses in detecting metamorphicmalware.
Pre-filters in-transit malware packets detection in the network Ban Mohammed Khammas; Ismahani Ismail; M. N. Marsono
TELKOMNIKA (Telecommunication Computing Electronics and Control) Vol 17, No 4: August 2019
Publisher : Universitas Ahmad Dahlan

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.12928/telkomnika.v17i4.12065

Abstract

Conventional malware detection systems cannot detect most of the new malware in the network without the availability of their signatures. In order to solve this problem, this paper proposes a technique to detect both metamorphic (mutated malware) and general (non-mutated) malware in the network using a combination of known malware sub-signature and machine learning classification. This network-based malware detection is achieved through a middle path for efficient processing of non-malware packets. The proposed technique has been tested and verified using multiple data sets (metamorphic malware, non-mutated malware, and UTM real traffic), this technique can detect most of malware packets in the network-based before they reached the host better than the previous works which detect malware in host-based. Experimental results showed that the proposed technique can speed up the transmission of more than 98% normal packets without sending them to the slow path, and more than 97% of malware packets are detected and dropped in the middle path. Furthermore, more than 75% of metamorphic malware packets in the test dataset could be detected. The proposed technique is 37 times faster than existing technique.
Co-Authors Alireza Monemi Ban Mohammed Khammas Ban Mohammed Khammas Bushra Mohammed Ali Abdalla Joseph Stephen Bassi M. N. Marsono M.N. Marsono Mohammed Sultan Mohammed Mosab Hamdan Muhammad Nadzir Marsono Sulaiman Mohd Nor Tan Hui Xin