  • DocumentCode
    2104783
  • Title
    On Malicious Software Classification
  • Author
    Jianhui Lin
  • Author_Institution
    Dept. of Inf. Technol., Hubei Univ. of Police, Wuhan
  • fYear
    2008
  • fDate
    21-22 Dec. 2008
  • Firstpage
    368
  • Lastpage
    371
  • Abstract
    In recent years, the number of malware families/variants has exploded dramatically. Automatic malware classification is becoming an important research area. In this paper, we propose a behavior-based automated classification method based on distance measure and machine learning. We represent a file by its runtime behavior in the form of sequenced events, then structure the event information in a canonical format and store it in a database. After the machine learning classifier is constructed, the similarities and patterns learned by the classifiers are applied to classify new objects.
  • Keywords
    invasive software; learning (artificial intelligence); pattern classification; automatic malware classification; behavior-based automated classification method; distance measure; machine learning classifier; malicious software classification; malware family; runtime behavior; sequenced events; Databases; Machine learning; Runtime; classification; event; malicious ware
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Intelligent Information Technology Application Workshops, 2008. IITAW '08. International Symposium on
  • Conference_Location
    Shanghai
  • Print_ISBN
    978-0-7695-3505-0
  • Type
    conf
  • DOI
    10.1109/IITA.Workshops.2008.106
  • Filename
    4731954