MGeT

Author: Ding Jianwei, Guo Yubin, Sun Enbo, Su Hong, Yue Zhao, Chen Zhouguo
Year of publication: 2017
Subject:
Source: ICCSP
DOI: 10.1145/3058060.3058065
Description: Malware, whether malicious software, applications or executable code, has become the centerpiece of most security threats in today's continuously open Internet environment. The essential task of malware analysis is to extract the characteristics of malware, in order to supply signatures to detection systems and to provide evidence for recovery and cleanup. The focal points of malware analysis are how to detect malicious behaviors and, conversely, how to hide a malware analyzer from the malware at runtime. In this paper we propose an approach called the Malware Gene Topology Model (MGeT), inspired by biotechnological genomics, that can quickly detect potential malware in large volumes of software or executable code, including metamorphic and previously unseen variants of known malware. Instead of extracting signatures at the executable-file level or the operating-system level, we identify the key malicious behaviors of malware from the underlying instructions, which we call malware genes. We evaluate our method on real-world datasets, and the results demonstrate the advantages of our method over previous studies, validating its contribution.
Database: OpenAIRE
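The abstract's central claim is that signatures built from the underlying instructions survive metamorphic rewriting (register renaming, junk insertion, relabelling) that defeats file-level byte or text signatures. The following is an added illustration of that idea only; it is not code from the paper and does not implement MGeT or its topology model. It assumes a simple instruction normalization (registers, memory operands, immediates and jump targets collapsed to classes, nops dropped, API call targets kept) and treats 3-grams of normalized instructions as a stand-in for "genes". All three disassembly listings are constructed for the example.

```python
import re
from typing import Dict, List, Set, Tuple

# Constructed x86 disassembly (not from the paper): a toy XOR-decode loop
# followed by an API call, the same routine after metamorphic rewriting
# (registers renamed, nops inserted, label renamed), and a benign routine
# that shares only the function prologue and epilogue.
ORIGINAL = """
push ebp
mov ebp, esp
mov eax, [ebp+8]
xor ecx, ecx
loop_top:
mov dl, [eax+ecx]
xor dl, 0x5a
mov [eax+ecx], dl
inc ecx
cmp ecx, 16
jl loop_top
call CreateFileA
pop ebp
ret
"""

VARIANT = """
push ebp
mov ebp, esp
nop
mov ebx, [ebp+8]
xor edx, edx
nop
decode:
mov cl, [ebx+edx]
xor cl, 0x5a
nop
mov [ebx+edx], cl
inc edx
cmp edx, 16
jl decode
call CreateFileA
pop ebp
ret
"""

BENIGN = """
push ebp
mov ebp, esp
mov eax, [ebp+8]
add eax, [ebp+12]
pop ebp
ret
"""

# Assumed normalization classes: 32-bit/8-bit x86 registers, immediates, memory operands.
REG = re.compile(r"\b(e?[abcd]x|[abcd][lh]|e?[sd]i|e?[bs]p|r\d+[dwb]?)\b")
IMM = re.compile(r"\b(0x[0-9a-f]+|\d+)\b")
MEM = re.compile(r"\[[^\]]*\]")
JUNK = {"nop"}  # padding a metamorphic engine inserts; carries no behavior


def normalize(asm: str) -> List[str]:
    """Collapse each instruction to an operand-class form, dropping labels and junk."""
    out: List[str] = []
    for line in asm.strip().splitlines():
        line = line.split(";")[0].strip().lower()
        if not line or line.endswith(":"):
            continue  # blank line or label definition
        mnemonic, _, operands = line.partition(" ")
        operands = operands.strip()
        if mnemonic in JUNK:
            continue
        if mnemonic == "call":
            out.append(f"call {operands}")  # keep the API name: it is behavior
        elif mnemonic.startswith("j"):
            out.append(f"{mnemonic} LABEL")  # jump target names are not behavior
        else:
            operands = MEM.sub("MEM", operands)   # memory operands first, so their
            operands = REG.sub("REG", operands)   # base registers are not re-matched
            operands = IMM.sub("IMM", operands)
            out.append(f"{mnemonic} {operands}".strip())
    return out


def genes(asm: str, n: int = 3) -> Set[Tuple[str, ...]]:
    """Instruction-level 'genes': n-grams over the normalized instruction stream."""
    seq = normalize(asm)
    return {tuple(seq[i:i + n]) for i in range(len(seq) - n + 1)}


def raw_ngrams(asm: str, n: int = 3) -> Set[Tuple[str, ...]]:
    """File-level stand-in: n-grams over the literal disassembly text."""
    seq = [l.strip().lower() for l in asm.strip().splitlines() if l.strip()]
    return {tuple(seq[i:i + n]) for i in range(len(seq) - n + 1)}


def jaccard(a: Set, b: Set) -> float:
    return len(a & b) / len(a | b) if (a | b) else 1.0


def compare(sample: str, reference: str) -> Dict[str, float]:
    """Similarity of a sample to a reference under both signature styles."""
    return {
        "raw": jaccard(raw_ngrams(sample), raw_ngrams(reference)),
        "gene": jaccard(genes(sample), genes(reference)),
    }


if __name__ == "__main__":
    print("variant vs original:", compare(VARIANT, ORIGINAL))
    print("benign  vs original:", compare(BENIGN, ORIGINAL))
```

The raw-text similarity between the original and its metamorphic variant collapses to near zero, while the gene similarity is exact; the benign routine shares only the prologue gene and scores low under both measures. A real system would build genes from a disassembler's output and weight them by how discriminative they are across a corpus, but the normalization step is where robustness to metamorphism comes from.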