Malware classification using instruction frequencies
- Authors
- Han, Kyoung Soo; Kang, Boojoong; Im, Eul Gyu
- Issue Date
- Nov-2011
- Publisher
- Association for Computing Machinary, Inc.
- Keywords
- instruction frequency; malware analysis; malware classification
- Citation
- Proceedings of the 2011 ACM Research in Applied Computation Symposium, RACS 2011, pp.298 - 300
- Indexed
- SCOPUS
- Journal Title
- Proceedings of the 2011 ACM Research in Applied Computation Symposium, RACS 2011
- Start Page
- 298
- End Page
- 300
- URI
- https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/167281
- DOI
- 10.1145/2103380.2103441
- ISSN
- 0000-0000
- Abstract
- Developing variants of malware is a common and effective method to avoid the signature detection of antivirus programs. Malware analysis and signature abstraction are essential technologies to update the detection signature DB for malware detection. Since most malware binary analysis processes are performed manually, malware binary analysis is a time-consuming job. Therefore, efficient malware classification can be used to speed up malware binary analysis. As malware variants of the same malware family may share a portion of their binary code, the sequences of instructions may be similar, or even identical. In this paper, we propose a malware classification method that uses instruction frequencies. Our test results show that there are clear distinctions among malware and normal programs.
- Files in This Item
-
Go to Link
- Appears in
Collections - 서울 공과대학 > 서울 컴퓨터소프트웨어학부 > 1. Journal Articles
![qrcode](https://api.qrserver.com/v1/create-qr-code/?size=55x55&data=https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/167281)
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.