Malware Analysis and Classification Using Sequence Alignments
- Authors
- Cho, In Kyeom; Kim, Tae Guen; Shim, Yu Jin; Ryu, Minsoo; Im, Eul Gyu
- Issue Date
- Jun-2016
- Publisher
- TSI PRESS
- Keywords
- Malware analysis; Dynamic analysis; API sequence; Malicious behavior; Similarity analysis; Sequence alignment
- Citation
- INTELLIGENT AUTOMATION AND SOFT COMPUTING, v.22, no.3, pp.371 - 377
- Indexed
- SCIE; SCOPUS
- Journal Title
- INTELLIGENT AUTOMATION AND SOFT COMPUTING
- Volume
- 22
- Number
- 3
- Start Page
- 371
- End Page
- 377
- URI
- https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/154474
- ISSN
- 1079-8587
- Abstract
- With the increased use of the Internet, the number of newly found malware keeps increasing every year. In addition, malware becomes more and more complex with various technologies, such as packing, anti-debugging, and so on. To defend against a large number of malware every day, the improvement of the analysis process is quite important. One way of expediting malware analysis processing is to classify unknown or new malware into known malware families. A malware family is a group of malware that share common modules and have similar malicious behaviors. This paper proposes a malware family classification framework using a sequence alignment method, which is widely used in the bioinformatics field. Our proposed framework can find common parts from invoked API sequences of malware, and these common API sequences can be used to find similar behaviors of malware variants. Since the sequence alignment methods usually have high performance overheads, our proposed framework used a couple of techniques to reduce the overheads. The proposed framework was tested with some malware families, and experimental results show that our mechanism can be used to classify malware families, because there are clear similarity differences between malware in the same family and malware in different families.
- Appears in Collections
- College of Engineering (Seoul) > Department of Computer Software (Seoul) > 1. Journal Articles