Cited 0 time in
Extracting representative API patterns of malware families using multiple sequence alignments
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Cho, In Kyeom | - |
| dc.contributor.author | Im, Eul Gyu | - |
| dc.date.accessioned | 2022-07-15T20:46:31Z | - |
| dc.date.available | 2022-07-15T20:46:31Z | - |
| dc.date.created | 2021-05-13 | - |
| dc.date.issued | 2015-10 | - |
| dc.identifier.issn | 0000-0000 | - |
| dc.identifier.uri | https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/156198 | - |
| dc.description.abstract | Nowadays malware developers use various techniques to avoid detection of antivirus software. For variants of malware, existing signature based detection method could be avoidable because those have some differences in static information like code or strings. Therefore, to detect and classify malware variants, a behavior based detection is required. This paper proposes a technique to extract a representative API pattern from API call sequences of a malware family using multiple sequence alignment (MSA) algorithm to measure similarities among malware variants. To extract API call sequences of malware, a sandbox tool was used. After that, the Clustal algorithm, a popular MSA algorithm used in the Bioinformatics field, was applied to malware API call sequences, and the representative API pattern was extracted from the results of MSA. Experiments to test the extracted API patterns that are used to classify malware variants were carried out, and we measured classification accuracy of the representative API pattern of each family. The experimental results show that our proposed method can be effective to classify malware families. | - |
| dc.language | 영어 | - |
| dc.language.iso | en | - |
| dc.publisher | Association for Computing Machinery, Inc | - |
| dc.title | Extracting representative API patterns of malware families using multiple sequence alignments | - |
| dc.type | Article | - |
| dc.contributor.affiliatedAuthor | Im, Eul Gyu | - |
| dc.identifier.doi | 10.1145/2811411.2811543 | - |
| dc.identifier.scopusid | 2-s2.0-84960907287 | - |
| dc.identifier.bibliographicCitation | Proceeding of the 2015 Research in Adaptive and Convergent Systems, RACS 2015, pp.308 - 313 | - |
| dc.relation.isPartOf | Proceeding of the 2015 Research in Adaptive and Convergent Systems, RACS 2015 | - |
| dc.citation.title | Proceeding of the 2015 Research in Adaptive and Convergent Systems, RACS 2015 | - |
| dc.citation.startPage | 308 | - |
| dc.citation.endPage | 313 | - |
| dc.type.rims | ART | - |
| dc.type.docType | Conference Paper | - |
| dc.description.journalClass | 1 | - |
| dc.description.isOpenAccess | N | - |
| dc.description.journalRegisteredClass | scopus | - |
| dc.subject.keywordPlus | Bioinformatics | - |
| dc.subject.keywordPlus | Computer crime | - |
| dc.subject.keywordPlus | Antivirus softwares | - |
| dc.subject.keywordPlus | API patterns | - |
| dc.subject.keywordPlus | Behavior-based detection | - |
| dc.subject.keywordPlus | Classification accuracy | - |
| dc.subject.keywordPlus | Malware classifications | - |
| dc.subject.keywordPlus | Multiple sequence alignment algorithm | - |
| dc.subject.keywordPlus | Multiple sequence alignments | - |
| dc.subject.keywordPlus | Signature based detections | - |
| dc.subject.keywordPlus | Malware | - |
| dc.subject.keywordAuthor | Malware classification | - |
| dc.subject.keywordAuthor | Multiple sequence alignment | - |
| dc.subject.keywordAuthor | Representative API pattern | - |
| dc.identifier.url | https://dl.acm.org/doi/10.1145/2811411.2811543 | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
222, Wangsimni-ro, Seongdong-gu, Seoul, 04763, Korea+82-2-2220-1366
COPYRIGHT © 2024 HANYANG UNIVERSITY.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.
