Abstract
The number of malware has sharply increased over years, and it caused various damages on computing systems and data. In this paper, we propose techniques to detect malware variants. Malware authors usually reuse malware modules when they generate new malware or malware variants. Therefore, malware variants have common code for some functions in their binary files. We focused on this common code in this research, and proposed the techniques to detect malware variants through similarity calculation of user-defined function. Since many malware variants evade malware detection system by transforming their static signatures, to cope with this problem, we applied pattern matching algorithms for DNA variations in Bioinformatics to similarity calculation of malware binary files. Since the pattern matching algorithm we used provides the local alignment function, small modification of functions can be overcome. Experimental results show that our proposed method can detect malware similarity and it is more resilient than other methods.
Original language | English |
---|---|
Title of host publication | RACS 2014 |
Subtitle of host publication | Proceedings of the 2014 Conference on Research in Adaptive and Convergent Systems |
Place of Publication | New York |
Publisher | Association for Computing Machinery, Inc |
Pages | 236-241 |
Number of pages | 6 |
ISBN (Electronic) | 9781450330602 |
DOIs | |
Publication status | Published - 5 Oct 2014 |
Externally published | Yes |
Event | 2014 Conference on Research in Adaptive and Convergent Systems, RACS 2014 - Towson, United States Duration: 5 Oct 2014 → 8 Oct 2014 |
Other
Other | 2014 Conference on Research in Adaptive and Convergent Systems, RACS 2014 |
---|---|
Country/Territory | United States |
City | Towson |
Period | 5/10/14 → 8/10/14 |
Keywords
- Malware analysis
- Smith-Waterman algorithm
- Static analysis