Conference proceeding
Toward an Automatic, Online Behavioral Malware Classification System
2013 IEEE 7th International Conference on Self-Adaptive and Self-Organizing Systems
Sep 2013
Abstract
Malware authors are increasingly using specialized toolkits and obfuscation techniques to modify existing malware and avoid detection by traditional antivirus software. The resulting proliferation of obfuscated malware variants poses a challenge to antivirus vendors, who must create signatures to detect each new malware variant. Although the many variants in a malware family have different static signatures, they share characteristic behavioral patterns resulting from their common function and heritage. We describe an automatic classification system that can be trained to accurately identify new variants within known malware families, using observed similarities in behavioral features extracted from sensors monitoring live computer hosts. We evaluate the accuracy of the classifier on a live testbed under a heavy computational load. The described classification system is intended to perform classification online, using the computed classes of newly detected malware variants to guide the automatic mitigation of infected hosts.
Details
- Title: Toward an Automatic, Online Behavioral Malware Classification System
- Creators: Raymond Canzanese (Drexel University); Moshe Kam (Drexel University); Spiros Mancoridis (Drexel University); IEEE
- Publication Details: 2013 IEEE 7th International Conference on Self-Adaptive and Self-Organizing Systems
- Publisher: IEEE
- Resource Type: Conference proceeding
- Language: English
- Academic Unit: Computer Science
- Web of Science ID: WOS:000335222500012
- Scopus ID: 2-s2.0-84893187027
- Other Identifier: 991019167648704721
InCites Highlights
Data related to this publication, from InCites Benchmarking & Analytics tool:
- Web of Science research areas
- Computer Science, Hardware & Architecture
- Engineering, Electrical & Electronic