Fast malware family detection method using control flow graphs
Proceedings of the 2011 ACM Symposium on Research in Applied Computation, 2011•dl.acm.org
As attackers make variants of existing malware, it is possible to detect unknown malware by comparing it with information about already-known malware. Control flow graphs have been used in dynamic analysis of program source code. In this paper, we proposed a new method which can analyze and detect malware binaries using control flow graphs and a Bloom filter by abstracting common characteristics of malware families. The experimental results showed that the processing overhead of our proposed method is much lower than that of n-gram-based methods.