Classifying malwares for identification of author groups.
CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE (2018)
Abstract
Malwares are growing exponentially in number, and authors of malwares are continuously releasing new ones. Malwares developed by the same author group might have similar signatures. For a number of applications including digital forensic and law enforcement, such characteristics can be used to determine which author group is likely to have released a given malware. In this paper, we describe a new type of classification that identifies which group of authors is most likely to have developed a given malware. We identify and verify a set of various features obtained through static and dynamic analyses of malwares and exploit them for classification. We evaluate our approach through extensive experiments with a real-world dataset labeled by a group of domain experts. The results show that our approach is effective and provides good accuracy in malware classification.
Keywords
dynamic analysis, feature extraction, malware classification, static analysis