Online analytical model of massive malware based on feature clusting
In order to improve the effectiveness and efficiency of mass malicious code analysis,an online analytical model was proposed including feature space construction,automatic feature extraction and fast clustering.Our research focused on the law of malware behavior and code string distribution by dynam...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2013-08-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.3969/j.issn.1000-436x.2013.08.019/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841539798880223232 |
|---|---|
| author | Xiao-lin XU Xiao-chun YUN Yong-lin ZHOU Xue-bin KANG |
| author_facet | Xiao-lin XU Xiao-chun YUN Yong-lin ZHOU Xue-bin KANG |
| author_sort | Xiao-lin XU |
| collection | DOAJ |
| description | In order to improve the effectiveness and efficiency of mass malicious code analysis,an online analytical model was proposed including feature space construction,automatic feature extraction and fast clustering.Our research focused on the law of malware behavior and code string distribution by dynamic and static techniques.In this model,a sample was described with its API and key code fragment.This model proposed a fast clustering approach to identify group samples that exhibit similar feature when applied this model to real-world malware collections.The result demonstrates that the proposed model is able to extract feature automatically,support streaming data clustering on large-scale,and achieve better precision. |
| format | Article |
| id | doaj-art-3c3b244ece664437b8680f1f6d28f9f8 |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2013-08-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-3c3b244ece664437b8680f1f6d28f9f82025-01-14T06:41:07ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2013-08-013414615359674376Online analytical model of massive malware based on feature clustingXiao-lin XUXiao-chun YUNYong-lin ZHOUXue-bin KANGIn order to improve the effectiveness and efficiency of mass malicious code analysis,an online analytical model was proposed including feature space construction,automatic feature extraction and fast clustering.Our research focused on the law of malware behavior and code string distribution by dynamic and static techniques.In this model,a sample was described with its API and key code fragment.This model proposed a fast clustering approach to identify group samples that exhibit similar feature when applied this model to real-world malware collections.The result demonstrates that the proposed model is able to extract feature automatically,support streaming data clustering on large-scale,and achieve better precision.http://www.joconline.com.cn/zh/article/doi/10.3969/j.issn.1000-436x.2013.08.019/malwareon-line analyticalfast clusteringfeature extraction |
| spellingShingle | Xiao-lin XU Xiao-chun YUN Yong-lin ZHOU Xue-bin KANG Online analytical model of massive malware based on feature clusting Tongxin xuebao malware on-line analytical fast clustering feature extraction |
| title | Online analytical model of massive malware based on feature clusting |
| title_full | Online analytical model of massive malware based on feature clusting |
| title_fullStr | Online analytical model of massive malware based on feature clusting |
| title_full_unstemmed | Online analytical model of massive malware based on feature clusting |
| title_short | Online analytical model of massive malware based on feature clusting |
| title_sort | online analytical model of massive malware based on feature clusting |
| topic | malware on-line analytical fast clustering feature extraction |
| url | http://www.joconline.com.cn/zh/article/doi/10.3969/j.issn.1000-436x.2013.08.019/ |
| work_keys_str_mv | AT xiaolinxu onlineanalyticalmodelofmassivemalwarebasedonfeatureclusting AT xiaochunyun onlineanalyticalmodelofmassivemalwarebasedonfeatureclusting AT yonglinzhou onlineanalyticalmodelofmassivemalwarebasedonfeatureclusting AT xuebinkang onlineanalyticalmodelofmassivemalwarebasedonfeatureclusting |