论文信息 - Malware Behaviour Visualization

Malware Behaviour Visualization

The number of unique malware variants released each year is on the rise. Researchers may often need to use manual static and dynamic analysis to study new malware samples. Manual analysis of malware samples takes time. The more time taken to analyse a malware sample, the larger the damage that a malware can inflict. A lot of techniques have been devised by researchers to facilitate malware analysis and one of them is through malware visualization. Malware visualization is a field that focuses on representing malware features in the form of visual cues or images. This could be used to convey more information about a particular malware. Existing malware visualization techniques lack focus in visualizing malware behaviour in such a way that could enable better analysis of malware samples. In this paper, a new technique for malware visualization called ‘Malware Behaviour Image’ is presented. From the test results, the proposed technique is able to accurately capture and highlight malicious behaviour of malware samples, and can be used for malware analysis, detection and identification of malware variants.

Mohd Aizaini Maarof | Syed Zainudeen Mohd Shaid | M. A. Maarof

[1] B. S. Manjunath,et al. Malware images: visualization and automatic classification , 2011, VizSec '11.

[2] FuYong Zhang,et al. Using IRP for Malware Detection , 2010, RAID.

[3] Lorie M. Liebrock,et al. Visualizing compiled executables for malware analysis , 2009, 2009 6th International Workshop on Visualization for Cyber Security.

[4] Kyung-suk Lhee,et al. Classification of packet contents for malware detection , 2011, Journal in Computer Virology.

[5] Xuxian Jiang,et al. Stealthy malware detection through vmm-based "out-of-the-box" semantic view reconstruction , 2007, CCS '07.

[6] Miroslaw Skrzewski. Flow Based Algorithm for Malware Traffic Detection , 2011, CN.

[7] Christopher Krügel,et al. A survey on automated dynamic malware-analysis techniques and tools , 2012, CSUR.

[8] Vijay Laxmi,et al. MEDUSA: MEtamorphic malware dynamic analysis usingsignature from API , 2010, SIN.

[9] John D. Hunter,et al. Matplotlib: A 2D Graphics Environment , 2007, Computing in Science & Engineering.

[10] Vinod Yegneswaran,et al. A comparative assessment of malware classification using binary texture analysis and dynamic analysis , 2011, AISec '11.

[11] Felix C. Freiling,et al. Visual analysis of malware behavior using treemaps and thread graphs , 2009, 2009 6th International Workshop on Visualization for Cyber Security.