Work place: School of Electrical and Computer Engineering, Shiraz University, Shiraz, Iran
E-mail: hazrati@cse.shirazu.ac.ir
Research Interests: Computational Learning Theory, Image Processing, Data Mining, Data Structures and Algorithms
Biography
Seyed Mehdi Hazrati Fard received his B.Sc. degree in computer software from Shiraz Azad University, Shiraz, Iran in 2007 and his M.Sc. degree in the field of artificial intelligence (AI) from Shiraz University, Shiraz, Iran in 2012. He is currently a Ph.D. student in AI at Shiraz University, Shiraz, Iran.
He worked for more than 2 years in the malware detection lab in the APA center of Shiraz University and was then a member of the antivirus project of this unit. He is currently a Faculty member in the Department of Computer science and IT of Pishtazan institutes of higher education, Shiraz, Iran. His research interests are in the fields of image processing, machine learning, data mining and security, and he has several publications in these fields.
By Mina Gharacheh, Vali Derhami, Sattar Hashemi, Seyed Mehdi Hazrati Fard
DOI: https://doi.org/10.5815/ijisa.2016.04.02, Pub. Date: 8 Apr. 2016
Recent research has shown that the hidden Markov model (HMM) is a persuasive option for malware detection. However, some advanced metamorphic malware is able to overcome the traditional methods based on HMMs. The proposed approach provides a two-layer technique to overcome these challenges. Malware contains various sequences of opcodes, some of which are more important and help detect the malware, while the rest cause interference. The important sequences of opcodes are extracted by eliminating partial sequences, because partial sequences of opcodes have more similarities to benign files. In this method, the sliding window technique is used to extract the sequences. In this paper, HMMs are trained using the important sequences of opcodes, which leads to better results. In comparison to previous methods, the results demonstrate that the proposed method is more accurate in metamorphic malware detection and classifies faster.