Similarity analysis of malware's function-call graphs

The similarity analysis of malware is an important part of the current automatic analysis of malware.The paper proposes a new method of similarity analysis of malware based on function-call graphs.This method uses the similarity distance of malware's function-call graphs(called SDMFG)to measure the similarity of two malwares' function-call graphs,and then analyzes the similarity of the two malwares.This method improves the accuracy of similarity analysis of malware,providing a strong support for analysis of the homology and evolution characteristics of malware and malware detection and prevention.