Similarity-Based Malware Classification Using Hidden Markov Model

Authors: Mohammad Imran, Muhammad Tanvir Afzal, Muhammad Abdul Qadir

DOI: 10.1109/CYBERSEC.2015.33

Abstract: The problem of malware classification has gained the attention of the cyber security community due to the following facts: (1) thousands of new malware are generated every day; (2) global losses caused by malware are in billions of dollars every year. In this paper a novel scheme is proposed that is based on Hidden Markov Models (HMMs) and discriminative classifiers. Sequences of system calls during execution are represented as observation sequences to train HMMs. Individual samples are then evaluated against these models to generate similarity vectors, which are used to predict the class label for an unknown sample by training a classifier. Our combination of HMMs, dynamic program features and a classifier has shown promising results in experiments performed using system call logs of real malware.
