Classifying malwares for identification of author groups
- Authors
- Hong, Jiwon; Park, Sanghyun; Kim, Sang-Wook; Kim, Dongphil; Kim, Wonho
- Issue Date
- Feb-2018
- Publisher
- WILEY
- Keywords
- dynamic analysis; feature extraction; malware classification; static analysis
- Citation
- CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE, v.30, no.3
- Indexed
- SCIE; SCOPUS
- Journal Title
- CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE
- Volume
- 30
- Number
- 3
- URI
- https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/150625
- DOI
- 10.1002/cpe.4197
- ISSN
- 1532-0626
- Abstract
- Malwares are growing exponentially in number, and authors of malwares are continuously releasing new ones. Malwares developed by the same author group might have similar signatures. For a number of applications including digital forensic and law enforcement, such characteristics can be used to determine which author group is likely to have released a given malware. In this paper, we describe a new type of classification that identifies which group of authors is most likely to have developed a given malware. We identify and verify a set of various features obtained through static and dynamic analyses of malwares and exploit them for classification. We evaluate our approach through extensive experiments with a real-world dataset labeled by a group of domain experts. The results show that our approach is effective and provides good accuracy in malware classification.
- Appears in Collections
- Seoul College of Engineering > Seoul School of Computer Software > 1. Journal Articles