Title :
An approach for malware behavior identification and classification
Author :
Zolkipli, Mohamad Fadli ; Jantan, Aman
Author_Institution :
Sch. of Comput. Sci., Univ. Sains Malaysia, Penang, Malaysia
Abstract :
Malware is one of the major security threats that can break computer operation. However, commercial anti-virus or anti-spyware that used signature-based matching to detects malware cannot solve that kind of threats. Nowadays malware writers try to avoid detection by using several techniques such as polymorphic, metamorphic and also hiding technique. In order to overcome that issue, we proposed a new framework for malware behavior identification and classification that apply dynamic approach. This framework consists of two major processes such as behavior identification and malware classification. These two major processes will integrate together as interrelated process in our proposed framework. Result from this study is a new framework that able to identify and classify malware based on it behaviors.
Keywords :
computer viruses; data encapsulation; digital signatures; antispyware; antivirus; hiding technique; malware behavior classification; malware behavior identification; metamorphic technique; polymorphic technique; security threats; signature-based matching; Computer architecture; Computer science; Computers; Malware; Operating systems; Virtual machining; behavior analysis; computer security; malware; malware classification;
Conference_Titel :
Computer Research and Development (ICCRD), 2011 3rd International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-61284-839-6
DOI :
10.1109/ICCRD.2011.5764001
