43 0

Malware detection: program run length against detection rate

Title
Malware detection: program run length against detection rate
Author
임을규
Issue Date
2014-02
Publisher
The Institution of Engineering and Technology
Citation
IET Software, Volume 8, Issue 1, February 2014, p. 42 ? 51
Abstract
N-gram analysis is an approach that investigates the structure of a program using bytes, characters or text strings. This research uses dynamic analysis to investigate malware detection using a classification approach based on N-gram analysis. A key issue with dynamic analysis is the length of time a program has to be run to ensure a correct classification. The motivation for this research is to find the optimum subset of operational codes (opcodes) that make the best indicators of malware and to determine how long a program has to be monitored to ensure an accurate support vector machine (SVM) classification of benign and malicious software. The experiments within this study represent programs as opcode density histograms gained through dynamic analysis for different program run periods. A SVM is used as the program classifier to determine the ability of different program run lengths to correctly determine the presence of malicious software. The findings show that malware can be detected with different program run lengths using a small number of opcodes.
URI
http://digital-library.theiet.org/content/journals/10.1049/iet-sen.2013.0020http://hdl.handle.net/20.500.11754/49585
ISSN
1751-8806; 1751-8814
DOI
10.1049/iet-sen.2013.0020
Appears in Collections:
COLLEGE OF ENGINEERING[S](공과대학) > COMPUTER SCIENCE(컴퓨터소프트웨어학부) > Articles
Files in This Item:
There are no files associated with this item.
Export
RIS (EndNote)
XLS (Excel)
XML


qrcode

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

BROWSE