A comparative assessment of malware classification using binary texture analysis and dynamic analysis

Authors: Lakshmanan Nataraj, Vinod Yegneswaran, Phillip Porras, Jian Zhang

DOI: 10.1145/2046684.2046689

Keywords:

Abstract: AI techniques play an important role in automated malware classification. Several machine-learning methods have been applied to classify or cluster malware into families, based on different features derived from dynamic review of the malware. While these approaches demonstrate promise, they are themselves subject to a growing array of counter measures that increase the cost of capturing these binary features. Further, feature extraction requires a time investment per binary that does not scale well to the daily volume of binary instances being reported by those who diligently collect malware. Recently, a new type of feature extraction, used by a classification approach called binary-texture analysis, was introduced in [16]. We compare this approach to existing malware classification approaches previously published. We find that, while binary texture analysis is capable of providing comparable classification accuracy to that of contemporary dynamic techniques, it can deliver these results 4000 times faster than dynamic techniques. Also surprisingly, the texture-based approach seems resilient to contemporary packing strategies, and can robustly classify a large corpus of malware with both packed and unpacked samples. We present our experimental results from three independent malware corpora, comprised of over 100 thousand malware samples. These results suggest that binary texture analysis could be a useful and efficient complement to dynamic analysis.

References (22)
Wenke Lee, Monirul I. Sharif, Andrea Lanzi, Jonathon T. Giffin, Impeding Malware Analysis Using Conditional Code Obfuscation. Network and Distributed System Security Symposium, pp. 1-13 (2008)
Georg Wicherski, peHash: a novel approach to fast malware clustering. USENIX Conference on Large Scale Exploits and Emergent Threats, pp. 1-1 (2009)
Ulrich Bayer, Christopher Kruegel, Engin Kirda, TTAnalyze: A Tool for Analyzing Malware. Proceedings of the European Institute for Computer Antivirus Research Annual Conference (2006)
Aude Oliva, Antonio Torralba, Modeling the Shape of the Scene: A Holistic Representation of the Spatial Envelope. International Journal of Computer Vision, vol. 42, pp. 145-175 (2001), 10.1023/A:1011139631724
Konrad Rieck, Thorsten Holz, Carsten Willems, Patrick Düssel, Pavel Laskov, Learning and Classification of Malware Behavior. International Conference on Detection of Intrusions and Malware and Vulnerability Assessment, pp. 108-125 (2008), 10.1007/978-3-540-70542-0_6
Peng Li, Limin Liu, Debin Gao, Michael K. Reiter, On challenges in evaluating malware clustering. Recent Advances in Intrusion Detection, vol. 6307, pp. 238-255 (2010), 10.1007/978-3-642-15512-3_13
Konrad Rieck, Philipp Trinius, Carsten Willems, Thorsten Holz, Automatic analysis of malware behavior using machine learning. Journal of Computer Security, vol. 19, pp. 639-668 (2011), 10.3233/JCS-2010-0410
Ulrich Bayer, Paolo Milani Comparetti, Clemens Hlauschek, Christopher Kruegel, Engin Kirda, Scalable, behavior-based malware clustering. Network and Distributed System Security Symposium (2009)
Engin Kirda, Paolo Milani Comparetti, Christopher Kruegel, Clemens Kolbitsch, Xiaoyong Zhou, XiaoFeng Wang, Effective and efficient malware detection at the end host. USENIX Security Symposium, pp. 351-366 (2009)
L. Nataraj, S. Karthikeyan, G. Jacob, B. S. Manjunath, Malware images: visualization and automatic classification. Visualization for Computer Security, pp. 4- (2011), 10.1145/2016904.2016908