Statistical Analysis for Classification of Malicious Software


Bibliographic Details
Main Authors: Evgeny Petrovich Tumoyan, Ksenia Vasilevna Tsyganok
Format: Article
Language: English
Published: Joint Stock Company "Experimental Scientific and Production Association SPELS" 2014-09-01
Series: Безопасность информационных технологий
Online Access: https://bit.mephi.ru/index.php/bit/article/view/180
Description
Summary: This paper proposes a new method of malicious code classification based on statistical analysis of traces of WinAPI calls. We have developed a procedure for measuring the proximity of programs, taking into account the sequence of WinAPI calls and the similarity of their arguments. Cluster analysis is used to identify groups of programs and to classify the programs.
ISSN: 2074-7128, 2074-7136