Malicious Executables Classification Based on Behavioral Factor Analysis

  • Authors:
  • Hengli Zhao;Ming Xu;Ning Zheng;Jingjing Yao;Qiang Ho

  • Venue:
  • IC4E '10 Proceedings of the 2010 International Conference on e-Education, e-Business, e-Management and e-Learning
  • Year:
  • 2010

Abstract

Malware is an increasingly important problem that threatens the security of computer systems. The new concept of cloud security requires rapid and automated detection and classification of malicious software. In this paper, we propose a behavior-based automated classification method. Based on behavioral analysis, we characterize a malware sample's behavioral profile in a trace report. This report contains the status changes caused by the executable and the events, which are derived from the corresponding Win32 API calls and certain of their parameters. We extract behavior unit strings as features that reflect the behavioral patterns of different malware families. The resulting feature vector space serves as input to the SVM. We use string similarity and information gain to reduce the dimension of the feature space. Comparative experiments with a real-world data set of malicious executables show that our proposed method can classify malware into different malware families with higher accuracy and efficiency.