Title :
ISMCS: An intelligent instruction sequence based malware categorization system
Author :
Huang, Kai ; Ye, Yanfang ; Jiang, Qinshan
Author_Institution :
Software Sch., Xiamen Univ., Xiamen, China
Abstract :
Recently, automated malware (e.g., viruses, backdoors, spyware, Trojans and worms) categorization methods and an industry-wide naming convention have been the computer security topics that are of great interest. Resting on the analysis of function based instruction sequence, we develop an intelligent instruction sequence based malware categorization system (ISMCS) using a novel weighted subspace clustering method. ISMCS is an integrated system consisting of three major modules: feature exactor, malware categorizer using weighted subspace clustering method and malware signature generator. ISMCS can not only effectively categorize malwares to different families, but also automatically generate the unify signature for every family. Promising experimental results demonstrate that the effectiveness of our ISMCS system outperform other existing malware categorization methods, such as K-Means and hierarchical clustering algorithms.
Keywords :
category theory; invasive software; ISMCS; automated malware; computer security; instruction sequence based malware categorization system; Clustering algorithms; Clustering methods; Computer industry; Computer science; Computer security; Computer viruses; Computer worms; Data mining; Frequency; Software systems; instruction sequence; malware categorization; weighted subspace clustering;
Conference_Titel :
Anti-counterfeiting, Security, and Identification in Communication, 2009. ASID 2009. 3rd International Conference on
Conference_Location :
Hong Kong
Print_ISBN :
978-1-4244-3883-9
Electronic_ISBN :
978-1-4244-3884-6
DOI :
10.1109/ICASID.2009.5276989
