Classifying malwares for identification of author groups
- Author
- 김상욱
- Keywords
- dynamic analysis; feature extraction; malware classification; static analysis
- Issue Date
- 2018-02
- Publisher
- WILEY
- Citation
- CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE, v. 30, no. 3, Article no. e4197
- Abstract
- Malwares are growing exponentially in number, and authors of malwares are continuously releasing new ones. Malwares developed by the same author group might have similar signatures. For a number of applications including digital forensic and law enforcement, such characteristics can be used to determine which author group is likely to have released a given malware. In this paper, we describe a new type of classification that identifies which group of authors is most likely to have developed a given malware. We identify and verify a set of various features obtained through static and dynamic analyses of malwares and exploit them for classification. We evaluate our approach through extensive experiments with a real-world dataset labeled by a group of domain experts. The results show that our approach is effective and provides good accuracy in malware classification.
- URI
- https://onlinelibrary.wiley.com/doi/abs/10.1002/cpe.4197
- https://repository.hanyang.ac.kr/handle/20.500.11754/117626
- ISSN
- 1532-0626; 1532-0634
- DOI
- 10.1002/cpe.4197
- Appears in Collections:
- COLLEGE OF ENGINEERING[S](공과대학) > COMPUTER SCIENCE(컴퓨터소프트웨어학부) > Articles
- Files in This Item:
There are no files associated with this item.