DocumentCode :
2209071
Title :
Malware Behavior Extracting via Maximal Patterns
Author :
Li, Jian ; Zheng, Ning ; Xu, Ming ; Sun, YongQing ; Lin, JiouChuan
Author_Institution :
Inst. of Comput. Applic. Technol., Hangzhou Dianzi Univ., Hangzhou, China
fYear :
2009
fDate :
26-28 Dec. 2009
Firstpage :
1759
Lastpage :
1764
Abstract :
With the prevailing of malware, it is necessary to describe mal-program's behavior in an efficient way. In this paper, a malware behavior extracting system is addressed. It used Intel VT to trace malware's runtime system calls and extracted maximal patterns to describe malware behavior. A pattern's extracting algorithm is proposed to extract maximal patterns from system calls sequence. Real-world malwares are used to validate this method. The results of experiments have shown that the method can describe the behavior of mal-program with strong resilience and high accuracy.
Keywords :
invasive software; Intel VT; malware behavior extracting system; maximal patterns; runtime system; Computer applications; Computerized monitoring; Data mining; Information science; Information security; Operating systems; Resilience; Software protection; Sun; Telecommunication traffic;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Information Science and Engineering (ICISE), 2009 1st International Conference on
Conference_Location :
Nanjing
Print_ISBN :
978-1-4244-4909-5
Type :
conf
DOI :
10.1109/ICISE.2009.725
Filename :
5454576