With the widespread use of the Internet, the number of Internet attacks keeps increasing, and malware is the main cause of most of them. Attackers use malware to infect normal users' computers, to acquire private information, and to attack other machines. The number of new malware samples and variants increases every year because automated tools allow attackers to generate new malware or variants easily. Improving the performance of malware analysis is therefore critical to prevent malware from spreading rapidly and to mitigate damage to users. In this paper, we propose a new malware classification method that analyzes similarities between malware samples. Our method analyzes only a small part of each malware sample to reduce analysis overhead, and experimental results show that our approach can effectively classify malware families.