Malware Classification using FingerPrint and TF-IDF
- Title
- Malware Classification using FingerPrint and TF-IDF
- Author
- 이용찬
- Alternative Author(s)
- Yongchan Lee
- Advisor(s)
- 임을규
- Issue Date
- 2017-02
- Publisher
- 한양대학교
- Degree
- Master
- Abstract
- As the spread of computers is accelerating, the rate of malicious programs is rapidly increasing. Because the number of malware increases very quickly, malicious code should be able to be analyzed and detected quickly and accurately. Also it is very important to know the characteristics of malware to detect new ones. This paper proposes malware similarity calculation method, and cosine similarity is used to calculate the similarity between malicious codes, and features are extracted and by static analysis for each malicious code. In this case, the malicious code is analyzed using HB Gary's Finger Print, and the analyzed information is measured by TF-IDF, which is used to classify documents, to measure characteristics and similarity of each malware family. After that, malware family classification experiments were performed using additional malware, and the similarity of each malicious code was measured. Through the experimental results, this paper proposes the method that can be effective for malware family classification.
- URI
- https://repository.hanyang.ac.kr/handle/20.500.11754/124209http://hanyang.dcollection.net/common/orgView/200000429670
- Appears in Collections:
- GRADUATE SCHOOL[S](대학원) > COMPUTER SCIENCE(컴퓨터·소프트웨어학과) > Theses (Master)
- Files in This Item:
There are no files associated with this item.
- Export
- RIS (EndNote)
- XLS (Excel)
- XML