Title: MALWARE CLASSIFICATION: AN INCREMENTAL SOURCE CODE-BASED APPROACH
Author(s): Yen-Hsien Lee, Ke-Qin Qiu, Tsai-Hsin Chu
ISBN: 978-989-8533-20-3
Editors: Hans Weghorn
Year: 2013
Edition: Single
Keywords: Malware classification, Incremental classification approach, Source code-based malware classification
Type: Short Paper
First Page: 183
Last Page: 186
Language: English
Paper Abstract:

The increasing number and complexity of malware encourage the need for more effective and efficient malware analysis approaches. Most malware evolves from known samples and tends to have similar attack patterns. By predicting which class of malware a sample evolved from, we can accelerate the analysis of its possible behaviors. In this study, we analyze source files of malware and propose an incremental source code-based malware classification (ISMC) technique to address the need for malware classification. The ISMC technique measures the similarity between malware samples on the basis of five important features identified from source code and adopts a revised one-nearest-neighbor (1NN) classification algorithm to incrementally classify the samples in sequence into their respective, appropriate categories. Finally, our study conducted an empirical evaluation by collecting malware from the real world to assess the effectiveness of the proposed ISMC technique. To address the evolving characteristics of malware, the ISMC technique is expected to effectively and efficiently classify malware into an appropriate class.