Open Access
Malware Function Estimation Using API in Initial Behavior
Author(s) - Naoto Kawaguchi, Kazumasa Omote
Publication year - 2016
Publication title - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.188
H-Index - 52
eISSN - 1745-1337
pISSN - 0916-8508
DOI - 10.1587/transfun.e100.a.167
Subject(s) - malware, computer science, cryptovirology, malware analysis, function (biology), machine learning, sophistication, data mining, artificial intelligence, computer security, evolutionary biology, biology, social science, sociology
Malware proliferation has become a serious threat to the Internet in recent years. Most current malware are subspecies of existing malware that have been automatically generated by illegal tools. To analyze malware efficiently, estimating their functions in advance is an effective way to prioritize which malware to analyze. However, estimating malware functions has been difficult due to the increasing sophistication of malware. In fact, previous research does not estimate the functions of malware sufficiently. In this paper, we propose a new method that estimates the functions of unknown malware from APIs or categories observed by dynamic analysis on a host. We examine whether the proposed method can correctly estimate malware functions using supervised machine learning techniques. The results show that our new method can estimate malware functions with an average accuracy of 83.4% using API information.
