MGeT
Author: | Ding Jianwei, Guo Yubin, Sun Enbo, Su Hong, Yue Zhao, Chen Zhouguo |
---|---|
Year of publication: | 2017 |
Subject: | 021110 strategic defence & security studies; Software_OPERATINGSYSTEMS; Cyber-collection; business.industry; Computer science; 0211 other engineering and technologies; 02 engineering and technology; computer.software_genre; Computer security; Cryptovirology; ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS; ComputingMethodologies_PATTERNRECOGNITION; 020204 information systems; 0202 electrical engineering electronic engineering information engineering; Key (cryptography); Malware; The Internet; Malware analysis; Web threat; business; computer; Asprox botnet |
Source: | ICCSP |
DOI: | 10.1145/3058060.3058065 |
Description: | Malware, as a malicious software, or applications or execution codes, has become the centerpiece of most security threats in such an unceasing open Internet environment. The essential technology of malware analysis is to extract the characteristics of malware, intended to supply signatures to detection systems and provide evidence for recovery and cleanup. The focal point in the malware analysis is how to detect malicious behaviors versus how to hide a malware analyzer from malware during runtime. In this paper, we propose an approach called Malware Gene Topology Model (MGeT) inspired by Biotechnological Genomics that can quickly detect potential malware from a large amount of software or execution codes including metamorphic or new variants of malware. Instead of extracting the signatures from the malware in the execution file level or operating system level, we identify the key malicious behaviors of malware by the underlying instructions, named malware Gene. We evaluate our method based on real-world datasets and the results demonstrate the advantages of our method over the previous studies, validating the contribution of our method. |
Database: | OpenAIRE |