
Mal-Netminer: Malware Classification Approach Based on Social Network Analysis of System Call Graph

Authors
Jang, Jae-wook; Woo, Jiyoung; Mohaisen, Aziz; Yun, Jaesung; Kim, Huy Kang
Issue Date
2015
Publisher
HINDAWI LTD
Citation
MATHEMATICAL PROBLEMS IN ENGINEERING, v.2015
Indexed
SCIE
SCOPUS
Journal Title
MATHEMATICAL PROBLEMS IN ENGINEERING
Volume
2015
URI
https://scholar.korea.ac.kr/handle/2021.sw.korea/133189
DOI
10.1155/2015/769624
ISSN
1024-123X
Abstract
As the security landscape evolves over time, where thousands of species of malicious codes are seen every day, antivirus vendors strive to detect and classify malware families for efficient and effective responses against malware campaigns. To enrich this effort and by capitalizing on ideas from the social network analysis domain, we build a tool that can help classify malware families using features driven from the graph structure of their system calls. To achieve that, we first construct a system call graph that consists of system calls found in the execution of the individual malware families. To explore distinguishing features of various malware species, we study social network properties as applied to the call graph, including the degree distribution, degree centrality, average distance, clustering coefficient, network density, and component ratio. We utilize features driven from those properties to build a classifier for malware families. Our experimental results show that "influence-based" graph metrics such as the degree centrality are effective for classifying malware, whereas the general structural metrics of malware are less effective for classifying malware. Our experiments demonstrate that the proposed system performs well in detecting and classifying malware families within each malware class with accuracy greater than 96%.
Appears in
Collections
School of Cyber Security > Department of Information Security > 1. Journal Articles


Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
