Ontology-based intelligent system for malware behavioral analysis

This paper proposes an ontology-based intelligent system for malware behavioral analysis. The design background and structure of the Taiwan Malware Analysis Net (TWMAN) are presented as the framework for analyzing malware behavior. The TWMAN is composed of a malware behavioral analysis agent and an ontology agent. All of the essential information of the TWMAN, including the malware behavioral ontology, is stored in an ontology repository. The malware behavioral analysis agent collects malware behavioral information and uses it to build the malware behavioral ontology and the malware behavioral rules. The results from the system logs show that the TWMAN can work effectively, using the malware behavioral analysis to protect computers from attacks by computer viruses and Trojans.
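To make the abstract's architecture concrete, the following is an added example (not code from the paper or from TWMAN) of the core loop it describes: behavioral observations collected from a sandbox log are mapped onto a small is-a ontology of behavior classes, and behavioral rules are evaluated against the inferred classes. The ontology, the class names, the rule names, the log format, and the log lines themselves are all constructed for this illustration and are not taken from the paper.

```python
"""Toy ontology-driven behavioral analysis (illustrative, not TWMAN's code)."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Set

# Constructed behavioral ontology: class -> parent class (None for the root).
ONTOLOGY: Dict[str, Optional[str]] = {
    "Behavior": None,
    "FileBehavior": "Behavior",
    "RegistryBehavior": "Behavior",
    "NetworkBehavior": "Behavior",
    "SystemFileDrop": "FileBehavior",
    "AutostartPersistence": "RegistryBehavior",
    "OutboundConnection": "NetworkBehavior",
}

# Constructed behavioral rules: a rule fires when a process exhibits
# every ontology class in its requirement set (ancestors count).
RULES: Dict[str, Set[str]] = {
    "persistence_with_callback": {"AutostartPersistence", "OutboundConnection"},
    "system_dropper": {"SystemFileDrop", "RegistryBehavior"},
}

# Constructed sandbox-style log: "<process> <event> <target>".
# 203.0.113.5 is a documentation (TEST-NET-3) address, not a real host.
SAMPLE_LOG: List[str] = [
    "sample.exe registry_set HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\updater",
    "sample.exe file_write C:\\Windows\\System32\\drv.dll",
    "sample.exe connect 203.0.113.5:4444",
    "notepad.exe file_write C:\\Users\\alice\\notes.txt",
]


@dataclass(frozen=True)
class Observation:
    process: str
    event: str
    target: str


def parse_log_line(line: str) -> Observation:
    """Split one constructed log line into its three fields."""
    process, event, target = line.split(" ", 2)
    return Observation(process, event, target)


def ancestors(cls: str) -> Set[str]:
    """Walk the is-a chain so a specific class also implies its parents."""
    out: Set[str] = set()
    cur = ONTOLOGY.get(cls)
    while cur is not None:
        out.add(cur)
        cur = ONTOLOGY[cur]
    return out


def classify(obs: Observation) -> Optional[str]:
    """Map a raw observation to the most specific ontology class it instantiates."""
    t = obs.target.lower()
    if obs.event == "registry_set":
        return "AutostartPersistence" if "\\currentversion\\run\\" in t else "RegistryBehavior"
    if obs.event == "file_write":
        return "SystemFileDrop" if t.startswith("c:\\windows\\") else "FileBehavior"
    if obs.event == "connect":
        return "OutboundConnection"
    return None  # unknown event kinds are ignored rather than guessed


def analyze(lines: List[str]) -> Dict[str, Dict[str, object]]:
    """Collect per-process behavior classes and evaluate the rules against them."""
    per_process: Dict[str, Set[str]] = {}
    for line in lines:
        obs = parse_log_line(line)
        cls = classify(obs)
        if cls is None:
            continue
        bucket = per_process.setdefault(obs.process, set())
        bucket.add(cls)
        bucket |= ancestors(cls)
    report: Dict[str, Dict[str, object]] = {}
    for proc, classes in per_process.items():
        matched = sorted(name for name, req in RULES.items() if req <= classes)
        report[proc] = {"classes": classes, "rules": matched}
    return report


if __name__ == "__main__":
    for proc, info in analyze(SAMPLE_LOG).items():
        print(proc, sorted(info["classes"]), info["rules"])
```

Because rule requirements are checked against the ancestor-closed class set, a rule can be written at whatever level of the ontology is appropriate: `system_dropper` asks only for `RegistryBehavior`, so any registry modification satisfies it, while `persistence_with_callback` needs the specific `AutostartPersistence` leaf. Adding a new observable behavior therefore means adding one class and one `classify` branch, without rewriting the rules that already refer to its parents.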
