Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.author | 임을규 | - |
dc.date.accessioned | 2017-08-03T05:01:19Z | - |
dc.date.available | 2017-08-03T05:01:19Z | - |
dc.date.issued | 2015-10 | - |
dc.identifier.citation | Proceeding of the 2015 Research in Adaptive and Convergent Systems, RACS 2015 9 October 2015, Page. 308-313 | en_US |
dc.identifier.isbn | 978-1-4503-3738-0 | - |
dc.identifier.uri | http://dl.acm.org/citation.cfm?doid=2811411.2811543 | - |
dc.identifier.uri | http://hdl.handle.net/20.500.11754/28246 | - |
dc.description.abstract | Nowadays malware developers use various techniques to avoid detection of antivirus software. For variants of malware, existing signature based detection method could be avoidable because those have some differences in static information like code or strings. Therefore, to detect and classify malware variants, a behavior based detection is required. This paper proposes a technique to extract a representative API pattern from API call sequences of a malware family using multiple sequence alignment (MSA) algorithm to measure similarities among malware variants. To extract API call sequences of malware, a sandbox tool was used. After that, the Clustal algorithm, a popular MSA algorithm used in the Bioinformatics field, was applied to malware API call sequences, and the representative API pattern was extracted from the results of MSA. Experiments to test the extracted API patterns that are used to classify malware variants were carried out, and we measured classification accuracy of the representative API pattern of each family. The experimental results show that our proposed method can be effective to classify malware families. © 2015 ACM. | en_US |
dc.description.sponsorship | This research was supported by the MSIP(Ministry of Science, ICT and Future Planning), Korea, under the ITRC(Information Technology Research Center) support program (IITP-2015-H8501-15-1013) supervised by the IITP(Institute for Information & communication Technology Promotion) | en_US |
dc.language.iso | en | en_US |
dc.publisher | ACM | en_US |
dc.subject | Multiple Sequence Alignment | en_US |
dc.subject | Malware classification | en_US |
dc.subject | Representative API pattern | en_US |
dc.title | Extracting representative API patterns of malware families using multiple sequence alignments | en_US |
dc.type | Article | en_US |
dc.identifier.doi | 10.1145/2811411.2811543 | - |
dc.relation.page | 308-313 | - |
dc.contributor.googleauthor | Cho, In Kyeom | - |
dc.contributor.googleauthor | Im, Eul Gyu | - |
dc.sector.campus | S | - |
dc.sector.daehak | COLLEGE OF ENGINEERING[S] | - |
dc.sector.department | DEPARTMENT OF COMPUTER SCIENCE | - |
dc.identifier.pid | imeg | - |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.