ISMCS: An intelligent instruction sequence based malware categorization system

Author

Huang, Kai ; Ye, Yanfang ; Jiang, Qinshan

Author_Institution

Software Sch., Xiamen Univ., Xiamen, China

fYear

2009

Firstpage

509

Lastpage

512

Abstract

Recently, automated malware (e.g., viruses, backdoors, spyware, Trojans and worms) categorization methods and an industry-wide naming convention have been the computer security topics that are of great interest. Resting on the analysis of function based instruction sequence, we develop an intelligent instruction sequence based malware categorization system (ISMCS) using a novel weighted subspace clustering method. ISMCS is an integrated system consisting of three major modules: feature exactor, malware categorizer using weighted subspace clustering method and malware signature generator. ISMCS can not only effectively categorize malwares to different families, but also automatically generate the unify signature for every family. Promising experimental results demonstrate that the effectiveness of our ISMCS system outperform other existing malware categorization methods, such as K-Means and hierarchical clustering algorithms.

Keywords

category theory; invasive software; ISMCS; automated malware; computer security; instruction sequence based malware categorization system; Clustering algorithms; Clustering methods; Computer industry; Computer science; Computer security; Computer viruses; Computer worms; Data mining; Frequency; Software systems; instruction sequence; malware categorization; weighted subspace clustering;

fLanguage

English

Publisher

ieee

Conference_Titel

Anti-counterfeiting, Security, and Identification in Communication, 2009. ASID 2009. 3rd International Conference on

Conference_Location

Hong Kong

Print_ISBN

978-1-4244-3883-9

Electronic_ISBN

978-1-4244-3884-6

Type

conf

DOI

10.1109/ICASID.2009.5276989

Filename

5276989