Malwise-Malware Classification and Variant Extraction

Journal Title: IOSR Journals (IOSR Journal of Computer Engineering) - Year 2013, Vol 13, Issue 1

Abstract

Malware, short for malicious software, covers a variety of forms of intrusive, hostile or annoying program code or software. Malware is a pervasive problem in distributed computer and network systems. Malware variants often have distinct byte-level representations while in principle belonging to the same malware family. The byte-level content differs because small changes to the malware source code can result in significantly different compiled object code. In this project we describe malware variants with the umbrella term of polymorphism. We are the first to use the approach of structuring and decompilation to generate malware signatures. We employ both dynamic and static analysis to classify the malware. Entropy analysis initially determines whether the binary has undergone a code packing transformation. If it is packed, dynamic analysis employing application-level emulation reveals the hidden code, using entropy analysis to detect when unpacking is complete. Static analysis then identifies characteristics, building signatures for the control flow graph of each procedure. The similarities between this set of control flow graphs and those in a malware database then accumulate to establish a measure of similarity. A similarity search is performed on the malware database to find objects similar to the query. Additionally, a more effective approximate flow graph matching algorithm is proposed that uses the decompilation technique of structuring to generate string-based signatures amenable to the string edit distance. We use real and synthetic malware to demonstrate the effectiveness and efficiency of Malwise.
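The two measurable steps named in the abstract, the entropy check for packing and approximate matching of string signatures by edit distance, are sketched below as an added example; it is not code from the paper or from Malwise. The signature notation, the 7.0 entropy cut-off, both similarity thresholds and the way per-procedure matches are accumulated are assumptions made for illustration.

```python
import math
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 (constant) to 8.0 (uniform)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def looks_packed(data: bytes, threshold: float = 7.0) -> bool:
    # Assumed cut-off; the page does not state the value Malwise uses.
    return shannon_entropy(data) >= threshold

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance computed with a two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def similarity(a: str, b: str) -> float:
    """Edit distance normalised to 0.0 (unrelated) .. 1.0 (identical)."""
    longest = max(len(a), len(b))
    return 1.0 if longest == 0 else 1.0 - edit_distance(a, b) / longest

def program_similarity(query, known, sig_threshold=0.9):
    """Fraction of query procedures with an approximate match in `known`."""
    if not query:
        return 0.0
    hits = sum(any(similarity(q, k) >= sig_threshold for k in known) for q in query)
    return hits / len(query)

def classify(query, database, sig_threshold=0.9, prog_threshold=0.6):
    """Return (best matching family or None, per-family scores)."""
    scores = {f: program_similarity(query, s, sig_threshold) for f, s in database.items()}
    best = max(scores, key=scores.get)
    return (best if scores[best] >= prog_threshold else None), scores

# Constructed data, one string per procedure in a hypothetical notation:
# W=loop, I/E=if/else, S=switch, C=call, R=return, braces=nesting.
DATABASE = {
    "family_a": ["W{I{C}E{C}}R", "I{W{C}}CR", "CCR"],
    "family_b": ["S{CCCC}R", "W{W{C}}R", "I{R}E{R}"],
}
QUERY = ["W{I{C}E{CC}}R", "I{W{C}}CR", "CR"]  # constructed variant of family_a

if __name__ == "__main__":
    print(classify(QUERY, DATABASE))
```

The constructed query differs from family_a by one added call and one removed call, so two of its three procedures still match above the per-signature threshold even though the strings are not byte-identical.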

Authors and Affiliations

P Nikhila


How To Cite

P Nikhila (2013). Malwise-Malware Classification and Variant Extraction. IOSR Journals (IOSR Journal of Computer Engineering), 13(1), 61-66. https://europub.co.uk/articles/-A-151561