Statistical approach towards malware classification and detection

Research output: Chapter in Book/Report/Conference proceeding, Conference paper, peer-review

8 Citations (Scopus)
264 Downloads (Pure)

Abstract

Anti-virus companies receive extensive quantities of malware variants daily; therefore, it is essential to automatically classify them into their corresponding malware family. Here, we apply an efficient statistical approach to identify and render critical malicious patterns into malware families, which are essential elements of automated classification of known and unknown malware variants in large quantities. Critical malicious patterns are the most frequent basic blocks, which are present most often in one specific malware family, and comparatively less in all other malware families. By computing the distribution frequency of each distinct basic block residing in all the malware families, the importance of being a potential representative of a critical malicious pattern for a specific malware family is measured. This value is carefully computed by considering the population of each malware family, and the distribution frequency ratio of every distinct basic block among the different malware families. The results show that known and unknown malware variants can be effectively and accurately classified into their related malware family using this approach.

Original language: English
Title of host publication: Proceedings of 2016 SAI Computing Conference, SAI 2016
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 1093-1099
Number of pages: 7
ISBN (Print): 9781467384605
Publication status: Published - 29 Aug 2016
Event: 2016 SAI Computing Conference, SAI 2016 - London, United Kingdom
Duration: 13 Jul 2016 to 15 Jul 2016

Conference

Conference: 2016 SAI Computing Conference, SAI 2016
Country/Territory: United Kingdom
City: London
Period: 13/07/2016 to 15/07/2016

Keywords

  • Malicious Features
  • Malware Classification
  • Pattern Matching
  • Shared Code
  • Statistical
