Exploring malware behaviour for improvement of malware signatures

Malware signatures play an essential role in defence against malicious programs which were analysed by malware analysts and identified as a security threat. It is important to maintain such detection mechanisms which identify known malicious software on a victim´s computer system. However, the problem is that occurrence of unknown malicious software increases and these threats are undetectable with current malware signatures. This weakness of signature-based detection lead us to searching for novel approach to the problem of malicious features representation which should be effective in detection of unknown, obfuscated or mutated malware. We focus on characteristic behaviour and other properties of malicious software that can be extracted by current analytic techniques and synthesised into malware behaviour description, or malware behavioural signature, independent from the binary representation of analysed program.