An Enhanced Automated Signature Generation Algorithm for Polymorphic Malware Detection

Cited by: 2
Authors
Ke Tang
Affiliation
Funding
National Research Foundation of Singapore; National Natural Science Foundation of China;
Keywords
Entropy; false positive ratio; Mahalanobis distance; polymorphic malware; signature generation;
DOI
Not available
Chinese Library Classification
TP393.08
Discipline classification codes
0839; 1402
Abstract
Polymorphic malware is a security menace to computer network systems because hackers can evade detection and launch stealthy attacks. In this paper, a novel enhanced automated signature generation (EASG) algorithm to detect polymorphic malware is proposed. The EASG algorithm is composed of an enhanced-expectation maximum algorithm and an enhanced K-means clustering algorithm. In the EASG algorithm, the fixed threshold value is replaced by the decision threshold of interval area. The false positive ratio can be controlled at a low level, and the iterative operations and the execution time are effectively reduced. Moreover, centroid updating is realized by applying the Mahalanobis distance similarity metric and incremental learning. Different malware group families are partitioned by the centroid updating.
Pages: 114 - 121
Page count: 8
Related papers
50 in total
  • [1] Signature generation and detection of malware families
    Sathyanarayan, V. Sai
    Kohli, Pankaj
    Bruhadeshwar, Bezawada
    INFORMATION SECURITY AND PRIVACY, 2008, 5107 : 336 - 349
  • [2] Optimal Position Searching for Automated Malware Signature Generation
    Choi, Yangseo
    Oh, Jintae
    Lee, Jeonggun
    Ryou, Jaecheol
    ISCE: 2009 IEEE 13TH INTERNATIONAL SYMPOSIUM ON CONSUMER ELECTRONICS, VOLS 1 AND 2, 2009, : 305 - +
  • [3] Automated signature generation algorithm for polymorphic worms based on improved TF-IDF
    Wang F.
    Yang S.
    Zhao D.
    Wang C.
    Huazhong Keji Daxue Xuebao (Ziran Kexue Ban)/Journal of Huazhong University of Science and Technology (Natural Science Edition), 2020, 48 (02): : 79 - 84
  • [4] Polymorphic Malware Detection
    Selamat, Nur Syuhada
    Ali, Fakariah Hani Mohd
    Abu Othman, Noor Ashitah
    2016 6TH INTERNATIONAL CONFERENCE ON IT CONVERGENCE AND SECURITY (ICITCS 2016), 2016, : 274 - 278
  • [5] MalHunter: Automatic generation of multiple behavioral signatures for polymorphic malware detection
    Razeghi Borojerdi, Haniye
    Abadi, Mahdi
    Proceedings of the 3rd International Conference on Computer and Knowledge Engineering, ICCKE 2013, 2013, : 430 - 436
  • [6] MalHunter: Automatic Generation of Multiple Behavioral Signatures for Polymorphic Malware Detection
    Borojerdi, Haniye Razeghi
    Abadi, Mahdi
    PROCEEDINGS OF THE 3RD INTERNATIONAL CONFERENCE ON COMPUTER AND KNOWLEDGE ENGINEERING (ICCKE 2013), 2013, : 430 - 436
  • [7] SISG: self-immune automated signature generation for polymorphic worms
    Zhang Xiaosong
    Chen Ting
    Chen Dapeng
    Liu Zhi
    COMPEL-THE INTERNATIONAL JOURNAL FOR COMPUTATION AND MATHEMATICS IN ELECTRICAL AND ELECTRONIC ENGINEERING, 2010, 29 (02) : 445 - 467
  • [8] HONEYCYBER: AUTOMATED SIGNATURE GENERATION FOR ZERO-DAY POLYMORPHIC WORMS
    Mohammed, Mohssen M. Z. E.
    Chan, H. Anthony
    Ventura, Neco
    2008 IEEE MILITARY COMMUNICATIONS CONFERENCE: MILCOM 2008, VOLS 1-7, 2008, : 980 - 985
  • [9] An Automated Signature Generation Approach for Polymorphic Worm Based on Color Coding
    Wang, Jie
    Wang, Jianxin
    Chen, Jianer
    Zhang, Xi
    2009 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS, VOLS 1-8, 2009, : 926 - +
  • [10] Automated signature generation approach for polymorphic worm based on color coding
    Wang J.
    Wang J.-X.
    Chen J.-E.
    Ruan Jian Xue Bao/Journal of Software, 2010, 21 (10): : 2599 - 2609