University of Tabriz Tabriz Journal of Electrical Engineering 2008-7799 50 4 2021 02 19 An Efficient Approach for Unknown Malware Detection Based on Opcode Analysis An Efficient Approach for Unknown Malware Detection Based on Opcode Analysis 1847 1864 12462 FA F. Manavi Faculty of Electrical and Computer Engineering, University of Shiraz, Shiraz, Iran A. Hamzeh Faculty of Electrical and Computer Engineering, University of Shiraz, Shiraz, Iran Journal Article 2019 01 06 Today, with the development of computer systems, malware has grown dramatically. Malware is defined as a program that is developed with malicious purpose, such as sabotaging the computer system, information theft or other malicious actions. Malware detection is a branch of computer security which attempts to analyze suspicious programs, detect malware and ultimately eliminate the threat. Opcode-based methods are commonly used in malware detection. Given that, all Opcode are not important for detecting malware, some of them can be ignored in the detection process. In this research, the proposed method is based on Opcode Analysis, but only some of the important and effective Opcodes will be considered for file detection. First, momentous Opcodes of file are identified and employed for generating images. Then, features are extracted from the images in order to accomplish the classification. The advantage of the proposed method is that images are created based on important Opcodes and detecting malware is converted into image classification. Therefore, the proposed method is more optimized compared to the previous methods and also has acceptable accuracy and less complexity. Today, with the development of computer systems, malware has grown dramatically. Malware is defined as a program that is developed with malicious purpose, such as sabotaging the computer system, information theft or other malicious actions. Malware detection is a branch of computer security which attempts to analyze suspicious programs, detect malware and ultimately eliminate the threat. Opcode-based methods are commonly used in malware detection. Given that, all Opcode are not important for detecting malware, some of them can be ignored in the detection process. In this research, the proposed method is based on Opcode Analysis, but only some of the important and effective Opcodes will be considered for file detection. First, momentous Opcodes of file are identified and employed for generating images. Then, features are extracted from the images in order to accomplish the classification. The advantage of the proposed method is that images are created based on important Opcodes and detecting malware is converted into image classification. Therefore, the proposed method is more optimized compared to the previous methods and also has acceptable accuracy and less complexity. classification image malware malware detection opcode https://tjee.tabrizu.ac.ir/article_12462_48c04e557ce2ea9f2f6d839c69433b37.pdf