Portal de Periódicos da CAPES

Artigo Acesso aberto Produção Nacional Revisado por pares

BIBTEX RIS

Antivirus applied to JAR malware detection based on runtime behaviors

2022; Nature Portfolio; Volume: 12; Issue: 1 Linguagem: Inglês

10.1038/s41598-022-05921-5

2045-2322

Ricardo Paranhos Pinheiro, Sidney Marlon Lopes de Lima, Danilo Souza, Sthéfano H. M. T. Silva, Petrônio G. Lopes, Rafael Diniz Toscano de Lima, Jemerson R. de Oliveira, Thyago Monteiro, Sérgio Murilo Maciel Fernandes, Edison de Queiroz Albuquerque, Washington W. A. da Silva, Wellington Pinheiro dos Santos,

Adversarial Robustness in Machine Learning

Abstract Java vulnerabilities correspond to 91% of all exploits observed on the worldwide web. The present work aims to create antivirus software with machine learning and artificial intelligence and master in Java malware detection. Within the proposed methodology, the suspected JAR sample is executed to intentionally infect the Windows OS monitored in a controlled environment. In all, our antivirus monitors and considers, statistically, 6824 actions that the suspected JAR file can perform when executed. Our antivirus achieved an average performance of 91.58% in the distinction between benign and malware JAR files. Different initial conditions, learning functions and architectures of our antivirus are investigated. The limitations of commercial antiviruses can be supplied by intelligent antiviruses. Instead of blacklist-based models, our antivirus allows JAR malware detection preventively and not reactively as Oracle’s Java and traditional antivirus modus operandi.