Exploring Timeline-Based Malware Classification

Abstract: Over the past decade or so, Anti-Malware (AM) communities have been faced with a substantial increase in malware activity, including the development of ever-more-sophisticated methods of evading detection. Researchers have argued that an AM strategy which is successful in a given time period cannot work at a much later date due to the changes in malware design. Despite this argument, in this paper, we convincingly demonstrate a malware detection approach which retains high accuracy over an extended time period. To the best of our knowledge, this work is the first to examine malware executables collected over a span of 10 years. By combining both static and dynamic features of malware and cleanware, and accumulating these features over intervals in the 10-year period in our test, we construct a high accuracy malware detection method which retains almost steady accuracy over the period. While the trend is slightly downward, our results strongly support the hypothesis that perhaps it is possible to develop a malware detection strategy that can work well enough into the future.
Document type: Conference paper
Lech J. Janczewski; Henry B. Wolfe; Sujeet Shenoi. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. Springer, IFIP Advances in Information and Communication Technology, AICT-405, pp.1-13, 2013, Security and Privacy Protection in Information Processing Systems. 〈10.1007/978-3-642-39218-4_1〉

Cited literature [21 references]

https://hal.inria.fr/hal-01463831
Contributor: Hal Ifip
Submitted on: Thursday, February 9, 2017 - 17:23:57
Last modified on: Thursday, February 9, 2017 - 17:37:20
Document(s) archived on: Wednesday, May 10, 2017 - 14:48:20

File

978-3-642-39218-4_1_Chapter.pd...
Files produced by the author(s)

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Rafiqul Islam, Irfan Altas, Md. Islam. Exploring Timeline-Based Malware Classification. Lech J. Janczewski; Henry B. Wolfe; Sujeet Shenoi. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. Springer, IFIP Advances in Information and Communication Technology, AICT-405, pp.1-13, 2013, Security and Privacy Protection in Information Processing Systems. 〈10.1007/978-3-642-39218-4_1〉. 〈hal-01463831〉

Metrics

Record views: 227

File downloads: 127