Title :
Malware obfuscation measuring via evolutionary similarity
Author :
Li, Jian ; Xu, Jun ; Xu, Ming ; Zhao, HengLi ; Zheng, Ning
Author_Institution :
Inst. of Comput. Applic. Technol., Hangzhou Dianzi Univ., Hangzhou, China
Abstract :
With prevailing of the malware, it is necessary to measure the malware obfuscation. We traced the system calls as the dynamic action of malware, and used evolutionary similarity to measure obfuscation. An algorithm, which uses sequence alignment as a way of arranging the sequences to identify similar regions, has been proposed to calculate the similarity. We used real-world malwares to test the resilience of our method. Our experiment has shown that our method has strong resilience against common obfuscation technologies.
Keywords :
invasive software; Malware obfuscation; evolutionary similarity; sequence alignment; Bioinformatics; Computer applications; Computer security; DNA; Proteins; RNA; Resilience; Sequences; Software measurement; Switches; evolutionary similarity; malware; obfuscation; similarity;
Conference_Titel :
Future Information Networks, 2009. ICFIN 2009. First International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-1-4244-5158-6
Electronic_ISBN :
978-1-4244-5159-3
DOI :
10.1109/ICFIN.2009.5339567
