Fast Malware Classification using Counting Bloom Filter
- Authors
- Kang, BooJong; Kim, Hye Seon; Kim, Taeguen; Kwon, Heejun; Im, Eul Gyu
- Issue Date
- Jul-2012
- Publisher
- International Information Institute
- Keywords
- Network security; Malware analysis; Control flow graph; Counting bloom filter
- Citation
- Information, v.15, no.7, pp 2879 - 2892
- Pages
- 14
- Indexed
- SCIE; SCOPUS
- Journal Title
- Information
- Volume
- 15
- Number
- 7
- Start Page
- 2879
- End Page
- 2892
- URI
- https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/165174
- ISSN
- 1343-4500
- Abstract
- As attackers make variants of existing malware, it is possible to detect unknown malware by using already-known malware's information. Control Flow Graphs (CFGs) have been used in malware analysis, but the graph isomorphism problem is well known as one of the most difficult problems to solve. In this paper, we proposed a new fast method which can detect malware binaries using CFGs by abstracting common characteristics of malware families. Our method also uses a Counting Bloom Filter to find an approximate solution of the graph isomorphism problem. The experimental results showed that the processing overhead of our proposed method is much lower than that of n-gram based methods.
- Appears in Collections
- Seoul College of Engineering > Seoul School of Computer Software > 1. Journal Articles
