A study on similarity calculation method for API invocation sequences
- Authors
- Shim, Yu Jin; Kim, Tae Guen; Im, Eul Gyu
- Issue Date
- Nov-2015
- Publisher
- Springer Verlag
- Keywords
- API invocation sequence; Dynamic analysis; Malware detection; Similarity calculation method
- Citation
- Lecture Notes in Computer Science, v.9436, pp 492 - 501
- Pages
- 10
- Indexed
- SCOPUS
- Journal Title
- Lecture Notes in Computer Science
- Volume
- 9436
- Start Page
- 492
- End Page
- 501
- URI
- https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/156040
- DOI
- 10.1007/978-3-319-25754-9_43
- ISSN
- 0302-9743
1611-3349
- Abstract
- Malware variants have been developed and spread in the Internet, and the number of new malware variants is increases every year. Recently, malware is applied with obfuscation and mutation techniques to hide its existence, and malware variants are developed with various automatic tools that transform the properties of existing malware to avoid static analysis based malware detection systems. It is difficult to detect such obfuscated malware with static-based signatures, so we have designed a detection system based on dynamic analysis. In this paper, we propose a dynamic analysis based system that uses the API invocation sequences to compare behaviors of suspicious software with behaviors of existing malware.
- Files in This Item
-
Go to Link
- Appears in
Collections - 서울 공과대학 > 서울 컴퓨터소프트웨어학부 > 1. Journal Articles

Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.