Automatic Threat Assessment of Malware Based on Behavior Analysis


Abstract:

Automatic analysis of malware has been a hot topic in recent years. Although many methods have been proposed, automatic identification of malware remains a challenge. For example, scoring is commonly used to indicate the threat scale of a sample, but in most cases this metric is assigned by manual processing. In this paper, we propose a method that automatically generates a score for an analyzed sample. Combining this method with a practical problem, we tested 639 samples and obtained a correctness of 97.3%. The experimental results show that the method correctly indicates the threat scale of samples. The results of this paper can also offer some tips for manual analysis.


Info:

Pages: 2952-2956

Online since: September 2014

Copyright: © 2014 Trans Tech Publications Ltd. All Rights Reserved
