Malwise-Malware Classification and Variant Extraction
Journal Title: IOSR Journals (IOSR Journal of Computer Engineering) - Year 2013, Vol 13, Issue 1
Abstract
Malware, short for malicious software, covers a variety of intrusive, hostile or annoying program code. Malware is a pervasive problem in distributed computer and network systems. Malware variants often have distinct byte-level representations while in principle belonging to the same malware family. The byte-level content differs because small changes to the malware source code can result in significantly different compiled object code. In this project we describe malware variants under the umbrella term of polymorphism. We are the first to use the approach of structuring and decompilation to generate malware signatures. We employ both dynamic and static analysis to classify the malware. Entropy analysis first determines whether the binary has undergone a code packing transformation. If it is packed, dynamic analysis employing application-level emulation reveals the hidden code, using entropy analysis to detect when unpacking is complete. Static analysis then identifies characteristics, building a signature for the control flow graph of each procedure. The similarities between this set of control flow graphs and those in a malware database are accumulated to establish a measure of similarity, and a similarity search is performed on the database to find objects similar to the query. Additionally, a more effective approximate flow graph matching algorithm is proposed that uses the decompilation technique of structuring to generate string-based signatures amenable to the string edit distance. We use real and synthetic malware to demonstrate the effectiveness and efficiency of Malwise.
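The pipeline in the abstract has three computable pieces: an entropy test for packing (and for noticing, during emulation, when the unpacked code has appeared), a string-based signature per procedure derived from its structured control flow graph, and an edit-distance similarity accumulated over a query's procedures against each family in the database. The following Python is an added illustration of those three steps written for this page; it is not Malwise's code. The 7.0 bits/byte threshold, the signature token alphabet (W for while, I for if, R for return, braces for nesting), the length-weighted scoring and all sample data are assumptions constructed for the example.

```python
import hashlib
import math
from typing import Dict, Optional, Sequence

# Assumed cut-off for "packed": near-uniform bytes approach 8 bits/byte.
PACK_ENTROPY_THRESHOLD = 7.0


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def looks_packed(data: bytes, threshold: float = PACK_ENTROPY_THRESHOLD) -> bool:
    """Compressed or encrypted (packed) code has a near-uniform byte distribution."""
    return shannon_entropy(data) >= threshold


def unpacking_complete(snapshots: Sequence[bytes],
                       threshold: float = PACK_ENTROPY_THRESHOLD) -> Optional[int]:
    """Index of the first emulation memory snapshot whose entropy has fallen
    below the packing threshold, i.e. where the hidden code has been written out."""
    for i, snap in enumerate(snapshots):
        if shannon_entropy(snap) < threshold:
            return i
    return None


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance with two rolling rows."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def signature_similarity(a: str, b: str) -> float:
    """1.0 for identical structured signatures, 0.0 for entirely different ones."""
    longest = max(len(a), len(b))
    return 1.0 if longest == 0 else 1.0 - edit_distance(a, b) / longest


def family_similarity(query: Sequence[str], family: Sequence[str]) -> float:
    """Best-match similarity of each query procedure against the family's
    procedures, weighted by signature length so large procedures dominate."""
    total = sum(len(s) for s in query)
    if total == 0:
        return 0.0
    score = sum(len(s) * max(signature_similarity(s, f) for f in family)
                for s in query)
    return score / total


def classify(query: Sequence[str], db: Dict[str, Sequence[str]],
             min_score: float = 0.6) -> Optional[str]:
    """Similarity search: the family with the highest accumulated score,
    or None when nothing in the database is close enough."""
    best = max(db, key=lambda name: family_similarity(query, db[name]))
    return best if family_similarity(query, db[best]) >= min_score else None


# Constructed samples (not real malware): a repeated x86-style prologue stands
# in for plain code, chained SHA-256 output stands in for a packed section.
UNPACKED_SAMPLE = bytes.fromhex("5589e583ec10") * 600 + b"\x00" * 400
PACKED_SAMPLE = b"".join(hashlib.sha256(b"packed%d" % i).digest() for i in range(128))

# Constructed structured-CFG signatures; the token alphabet is an assumption.
MALWARE_DB = {
    "FamilyA": ["W{I{}R}", "I{W{}}R", "W{W{}I{}}"],
    "FamilyB": ["I{}I{}R", "R", "I{I{I{}}}"],
}
# A FamilyA variant whose third procedure gained one trailing return.
QUERY_VARIANT = ["W{I{}R}", "I{W{}}R", "W{W{}I{}}R"]

if __name__ == "__main__":
    print("packed:", looks_packed(PACKED_SAMPLE), looks_packed(UNPACKED_SAMPLE))
    print("unpacked at snapshot:",
          unpacking_complete([PACKED_SAMPLE, PACKED_SAMPLE, UNPACKED_SAMPLE]))
    print("classified as:", classify(QUERY_VARIANT, MALWARE_DB))
```

The one-token change in the third procedure costs a single edit, so the variant still scores above 0.9 against its family while the unrelated family stays well below it; this is the property that makes the structured string signature robust to the small source-level changes the abstract describes.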
Authors and Affiliations
P Nikhila