poster

Discriminant malware distance learning on structuralinformation for automated malware classification

Authors:

Deguang Kong,

Guanhua YanAuthors Info & Claims

ACM SIGMETRICS Performance Evaluation Review, Volume 41, Issue 1

Pages 347 - 348

https://doi.org/10.1145/2494232.2465531

Published: 17 June 2013 Publication History

Get Access

Abstract

In this work, we explore techniques that can automatically classify malware variants into their corresponding families. Our framework extracts structural information from malware programs as attributed function call graphs, further learns discriminant malware distance metrics, finally adopts an ensemble of classifiers for automated malware classification. Experimental results show that our method is able to achieve high classification accuracy.

References

[1]

http://www.hex-rays.com/products/ida/index.shtml.

Google Scholar

[2]

J. Z. Kolter and M. A. Maloof. Learning to detect and classify malicious executables in the wild. Journal of Machine Learning Research, 7, 2006.

Digital Library

Google Scholar

[3]

D. Kong, Y. Jhi, T. Gong, S. Zhu, P. Liu, and H. Xi. Sas: Semantics aware signature generation for polymorphic worm detection. In SecureComm, pages 1--19, 2010.

Crossref

Google Scholar

[4]

D. Kong, D. Tian, P. Liu, and D. Wu. Sa3: Automatic semantic aware attribution analysis of remote exploits. In SecureComm, pages 190--208, 2011.

Google Scholar

[5]

Microsoft security intelligence report, January-June 2006.

Google Scholar

[6]

http://www.offensivecomputing.net/. Accessed in March 2012.

Google Scholar

[7]

R. Perdisci, A. Lanzi, and W. Lee. Mcboost: Boosting scalability in malware collection and analysis using statistical classification of executables. In ACSAC, pages 301--310, 2008.

Digital Library

Google Scholar

[8]

M. G. Schultz, E. Eskin, E. Zadok, and S. J. Stolfo. Data mining methods for detection of new malicious executables. In Proceedings of the IEEE Symposium on Security and Privacy, pages 38--49, 2001.

Digital Library

Google Scholar

[9]

G. Yan, N. Brown, and D. Kong. Exploring discriminatory features for automated malware classification. In Proceedings of DIMVA'13.

Google Scholar

Cited By

View all

Ye GZhang JLi HTang ZLv T(2022)Android Malware Detection Technology Based on Lightweight Convolutional Neural NetworksSecurity and Communication Networks10.1155/2022/88937642022Online publication date: 1-Jan-2022
https://dl.acm.org/doi/10.1155/2022/8893764
Gautam VKaur P(2022)Malware Classification Based on Various Machine Learning TechniquesProceedings of 2nd International Conference on Artificial Intelligence: Advances and Applications10.1007/978-981-16-6332-1_14(141-151)Online publication date: 14-Feb-2022
https://doi.org/10.1007/978-981-16-6332-1_14
Gao TZhao LLi XChen W(2021)Malware detection based on semi-supervised learning with malware visualizationMathematical Biosciences and Engineering10.3934/mbe.202130018:5(5995-6011)Online publication date: 2021
https://doi.org/10.3934/mbe.2021300
Show More Cited By

Index Terms

Discriminant malware distance learning on structuralinformation for automated malware classification
1. Security and privacy
  1. Intrusion/anomaly detection and malware mitigation
  2. Systems security
    1. Operating systems security

Recommendations

Discriminant malware distance learning on structural information for automated malware classification
KDD '13: Proceedings of the 19th ACM SIGKDD international conference on Knowledge discovery and data mining

The voluminous malware variants that appear in the Internet have posed severe threats to its security. In this work, we explore techniques that can automatically classify malware variants into their corresponding families. We present a generic framework ...
Discriminant malware distance learning on structuralinformation for automated malware classification
SIGMETRICS '13: Proceedings of the ACM SIGMETRICS/international conference on Measurement and modeling of computer systems

In this work, we explore techniques that can automatically classify malware variants into their corresponding families. Our framework extracts structural information from malware programs as attributed function call graphs, further learns discriminant ...
The Next Malware Battleground: Recovery After Unknown Infection

Malware has become a natural aspect of Internet computing due to the imperfectness of systems that identify malware and prevent their installation. Our ability to control the volume of unwanted and malicious traffic on the Internet—the spam messages, ...

Comments

Information & Contributors

Information

Published In

ACM SIGMETRICS Performance Evaluation Review Volume 41, Issue 1

Performance evaluation review

June 2013

385 pages

ISSN:0163-5999

DOI:10.1145/2494232

Issue’s Table of Contents

SIGMETRICS '13: Proceedings of the ACM SIGMETRICS/international conference on Measurement and modeling of computer systems
June 2013
406 pages
ISBN:9781450319003
DOI:10.1145/2465529
General Chair:
Mor Harchol-Balter
Carnegie Mellon University, USA
,
Program Chairs:
John Douceur
Microsoft Research, USA
,
Jun Xu
Georgia Institute of Technology, USA

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 June 2013

Published in SIGMETRICS Volume 41, Issue 1

Check for updates

Author Tags

Qualifiers

Poster

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

17
Total Citations
View Citations
332
Total Downloads

Downloads (Last 12 months)7
Downloads (Last 6 weeks)0

Reflects downloads up to 10 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Ye GZhang JLi HTang ZLv T(2022)Android Malware Detection Technology Based on Lightweight Convolutional Neural NetworksSecurity and Communication Networks10.1155/2022/88937642022Online publication date: 1-Jan-2022
https://dl.acm.org/doi/10.1155/2022/8893764
Gautam VKaur P(2022)Malware Classification Based on Various Machine Learning TechniquesProceedings of 2nd International Conference on Artificial Intelligence: Advances and Applications10.1007/978-981-16-6332-1_14(141-151)Online publication date: 14-Feb-2022
https://doi.org/10.1007/978-981-16-6332-1_14
Gao TZhao LLi XChen W(2021)Malware detection based on semi-supervised learning with malware visualizationMathematical Biosciences and Engineering10.3934/mbe.202130018:5(5995-6011)Online publication date: 2021
https://doi.org/10.3934/mbe.2021300
Gayathri TVijaya M(2020)Malware Family Classification Model Using User Defined Features and Representation LearningComputational Intelligence in Data Science10.1007/978-3-030-63467-4_14(185-195)Online publication date: 20-Nov-2020
https://doi.org/10.1007/978-3-030-63467-4_14
Tang MQian Q(2018)Dynamic API call sequence visualisation for malware classificationIET Information Security10.1049/iet-ifs.2018.5268Online publication date: 23-Oct-2018
https://doi.org/10.1049/iet-ifs.2018.5268
Lee YChoi SChoi JSong J(2017)A Lightweight Malware Classification Method Based on Detection Results of Anti-Virus Software2017 12th Asia Joint Conference on Information Security (AsiaJCIS)10.1109/AsiaJCIS.2017.20(5-9)Online publication date: Aug-2017
https://doi.org/10.1109/AsiaJCIS.2017.20
Choi JKim HChoi JSong J(2015)A Malware Classification Method Based on Generic Malware InformationProceeings, Part II, of the 22nd International Conference on Neural Information Processing - Volume 949010.1007/978-3-319-26535-3_38(329-336)Online publication date: 9-Nov-2015
https://dl.acm.org/doi/10.1007/978-3-319-26535-3_38
Priya VSathya Sofia A(2023)Review on Malware Classification and Malware Detection Using Transfer Learning Approach2023 5th International Conference on Smart Systems and Inventive Technology (ICSSIT)10.1109/ICSSIT55814.2023.10061076(1042-1049)Online publication date: 23-Jan-2023
https://doi.org/10.1109/ICSSIT55814.2023.10061076
Tian DZhao RMa RJia XShen QHu CLiu W(2022)MDCD: A malware detection approach in cloud using deep learningTransactions on Emerging Telecommunications Technologies10.1002/ett.458433:11Online publication date: 18-Jun-2022
https://doi.org/10.1002/ett.4584
Zhang JGao CGong LGu ZMan DYang WLi W(2020)Malware Detection Based on Multi-level and Dynamic Multi-feature Using Ensemble Learning at HypervisorMobile Networks and Applications10.1007/s11036-019-01503-4Online publication date: 8-Jan-2020
https://doi.org/10.1007/s11036-019-01503-4
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Discriminant malware distance learning on structural information for automated malware classification

Discriminant malware distance learning on structuralinformation for automated malware classification

The Next Malware Battleground: Recovery After Unknown Infection