Metamorphic malware detection technology based on aggregating emerging patterns

Jingfeng Xue; Changzhen Hu; Kunsheng Wang; Rui Ma; Jiaxin Zou

doi:10.1145/1655925.1656162

Metamorphic malware detection technology based on aggregating emerging patterns

Jingfeng Xue^*, Changzhen Hu, Kunsheng Wang, Rui Ma, Jiaxin Zou

^*此作品的通讯作者

科研成果: 书/报告/会议事项章节 › 会议稿件 › 同行评审

4 引用（Scopus）

摘要

Obfuscating technology is used widely in metamorphic malware and most of current detection methods fail to completely identify such ever-increasingly covert metamorphic malware. In this paper, system call sequences in the process of software execution are researched and metamorphic malware detection method based on aggregating emerging patterns is proposed. Experimental results show most metamorphic malware can be detected effectively by this method and it has higher detection rate and lower false alarm rate when the minimum support and growth rate thresholds are set reasonably.

源语言	英语
主期刊名	Proceedings of 2nd International Conference on Interaction Sciences
主期刊副标题	Information Technology, Culture and Human
页	1293-1296
页数	4
DOI	https://doi.org/10.1145/1655925.1656162
出版状态	已出版 - 2009
活动	2nd International Conference on Interaction Sciences: Information Technology, Culture and Human, ICIS 2009 - Seoul, 韩国期限: 24 11月 2009 → 26 11月 2009

出版系列

姓名	ACM International Conference Proceeding Series
卷	403

会议

会议	2nd International Conference on Interaction Sciences: Information Technology, Culture and Human, ICIS 2009
国家/地区	韩国
市	Seoul
时期	24/11/09 → 26/11/09

访问文件

10.1145/1655925.1656162

其它文件与链接

链接到 Scopus 的出版物

引用此

@inproceedings{808a609282214fc99bcccde1ebf2ea3e,

title = "Metamorphic malware detection technology based on aggregating emerging patterns",

abstract = "Obfuscating technology is used widely in metamorphic malware and most of current detection methods fail to completely identify such ever-increasingly covert metamorphic malware. In this paper, system call sequences in the process of software execution are researched and metamorphic malware detection method based on aggregating emerging patterns is proposed. Experimental results show most metamorphic malware can be detected effectively by this method and it has higher detection rate and lower false alarm rate when the minimum support and growth rate thresholds are set reasonably.",

keywords = "Emerging patterns, Metamorphic malware, Software security, System call",

author = "Jingfeng Xue and Changzhen Hu and Kunsheng Wang and Rui Ma and Jiaxin Zou",

year = "2009",

doi = "10.1145/1655925.1656162",

language = "English",

isbn = "9781605587103",

series = "ACM International Conference Proceeding Series",

pages = "1293--1296",

booktitle = "Proceedings of 2nd International Conference on Interaction Sciences",

note = "2nd International Conference on Interaction Sciences: Information Technology, Culture and Human, ICIS 2009 ; Conference date: 24-11-2009 Through 26-11-2009",

}

Xue, J , Hu, C, Wang, K, Ma, R & Zou, J 2009, Metamorphic malware detection technology based on aggregating emerging patterns. 在 Proceedings of 2nd International Conference on Interaction Sciences: Information Technology, Culture and Human. ACM International Conference Proceeding Series, 卷 403, 页码 1293-1296, 2nd International Conference on Interaction Sciences: Information Technology, Culture and Human, ICIS 2009, Seoul, 韩国, 24/11/09. https://doi.org/10.1145/1655925.1656162

Metamorphic malware detection technology based on aggregating emerging patterns. / Xue, Jingfeng ; Hu, Changzhen; Wang, Kunsheng 等.
Proceedings of 2nd International Conference on Interaction Sciences: Information Technology, Culture and Human. 2009. 页码 1293-1296 (ACM International Conference Proceeding Series; 卷 403).

科研成果: 书/报告/会议事项章节 › 会议稿件 › 同行评审

TY - GEN

T1 - Metamorphic malware detection technology based on aggregating emerging patterns

AU - Xue, Jingfeng

AU - Hu, Changzhen

AU - Wang, Kunsheng

AU - Ma, Rui

AU - Zou, Jiaxin

PY - 2009

Y1 - 2009

N2 - Obfuscating technology is used widely in metamorphic malware and most of current detection methods fail to completely identify such ever-increasingly covert metamorphic malware. In this paper, system call sequences in the process of software execution are researched and metamorphic malware detection method based on aggregating emerging patterns is proposed. Experimental results show most metamorphic malware can be detected effectively by this method and it has higher detection rate and lower false alarm rate when the minimum support and growth rate thresholds are set reasonably.

AB - Obfuscating technology is used widely in metamorphic malware and most of current detection methods fail to completely identify such ever-increasingly covert metamorphic malware. In this paper, system call sequences in the process of software execution are researched and metamorphic malware detection method based on aggregating emerging patterns is proposed. Experimental results show most metamorphic malware can be detected effectively by this method and it has higher detection rate and lower false alarm rate when the minimum support and growth rate thresholds are set reasonably.

KW - Emerging patterns

KW - Metamorphic malware

KW - Software security

KW - System call

UR - http://www.scopus.com/inward/record.url?scp=74949094156&partnerID=8YFLogxK

U2 - 10.1145/1655925.1656162

DO - 10.1145/1655925.1656162

M3 - Conference contribution

AN - SCOPUS:74949094156

SN - 9781605587103

T3 - ACM International Conference Proceeding Series

SP - 1293

EP - 1296

BT - Proceedings of 2nd International Conference on Interaction Sciences

T2 - 2nd International Conference on Interaction Sciences: Information Technology, Culture and Human, ICIS 2009

Y2 - 24 November 2009 through 26 November 2009

ER -

Metamorphic malware detection technology based on aggregating emerging patterns

摘要

出版系列

会议

访问文件

其它文件与链接

指纹

引用此