Instruction Frequency-based Malware Classification Method
- Authors
- Han, Kyoung Soo; Kim, Sung-Ryul; Im, Eul Gyu
- Issue Date
- Jul-2012
- Keywords
- Malware analysis; Malware classification; Instruction frequencies
- Citation
- Information, v.15, no.7, pp 2973 - 2983
- Pages
- 11
- Indexed
- SCIE
SCOPUS
- Journal Title
- Information
- Volume
- 15
- Number
- 7
- Start Page
- 2973
- End Page
- 2983
- URI
- https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/165173
- ISSN
- 1344-8994
1344-8994
- Abstract
- Developing variants of malware is a common and effective method of avoiding the signature detection of antivirus programs. Malware analysis and signature abstraction are essential technologies when it comes to updating the detection signature database for malware detection. Since most malware binary analysis processes are performed manually, malware binary analysis is a time-consuming job. Therefore, efficient malware classification can be used to speed up such analysis. As malware variants of the same malware family may share a portion of their binary code, the sequences of instructions may be similar, or even identical. In this paper, we propose a malware classification method that uses instruction frequencies. The experimental results show that there are clear distinctions among malware and normal programs.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - 서울 공과대학 > 서울 컴퓨터소프트웨어학부 > 1. Journal Articles

Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.