An IT2FLS-Based Malware Analysis Mechanism: Malware Analysis Network in Taiwan (MiT)

Malware is a real and persistent problem in modern post-industrial society. Hackers continuously develop novel techniques to intrude into computer systems for various reasons, so many security researchers need to analyze and track new malicious programs to protect the sensitive information on those systems. In this paper, we integrate the Interval Type-2 Fuzzy Logic System (IT2FLS) with malware behavioral analysis in the Malware Analysis Network in Taiwan (MAN in Taiwan, MiT, http://MiT.TWMAN.ORG). The core techniques of MiT are as follows: (1) it automatically collects logs from different operating systems to extract unknown behavior information, and it is able to automatically provide and share samples and reports via a cloud storage mechanism; (2) it integrates with IT2FLS to construct the malware analysis domain knowledge for malware behavior. Simulation results show that the proposed approach can effectively execute malware behavior analysis, and the constructed system has also been released under the GNU General Public License version 3.
