ENHANCED MALWARE DETECTION THROUGH FUNCTION PARAMETER ENCODING AND API DEPENDENCY MODELING

Abstract

Malware continues to pose a significant threat to cybersecurity, evolving rapidly in complexity and evasion techniques. Traditional detection methods often struggle against sophisticated attacks because they rely on static signatures or have a limited understanding of program behavior. This article introduces a novel dynamic malware detection approach that leverages both function parameter encoding and function dependency modeling derived from Application Programming Interface (API) call sequences. By capturing the rich contextual information conveyed through API call parameters and understanding the intricate relationships between function invocations, our method aims to provide a more robust and accurate classification of malicious software. We detail the methodology, from dynamic analysis and data collection to feature engineering and model training, and present results demonstrating superior performance compared to existing techniques that primarily rely on API call sequences alone. The findings underscore the importance of deeper behavioral analysis for effective malware detection in the contemporary threat landscape.

Keywords

Malware detection, Dynamic analysis, API calls

How to Cite

ENHANCED MALWARE DETECTION THROUGH FUNCTION PARAMETER ENCODING AND API DEPENDENCY MODELING. (2024). International Journal of Modern Computer Science and IT Innovations, 1(01), 18-24. https://aimjournals.com/index.php/ijmcsit/article/view/121