Statistical Analysis for Classification of Malicious Software
This paper proposes a new method of the malicious code classification based on statistical analysis of traces WinAPI calls. We have developed a procedure for programs proximity measurement, taking into account the sequence of WinAPI calls, and the similarity of their arguments. Cluster analysis is u...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Joint Stock Company "Experimental Scientific and Production Association SPELS
2014-09-01
|
| Series: | Безопасность информационных технологий |
| Subjects: | |
| Online Access: | https://bit.mephi.ru/index.php/bit/article/view/180 |
| _version_ | 1797705782268002304 |
|---|---|
| author | Evgeny Petrovich Tumoyan Ksenia Vasilevna Tsyganok |
| author_facet | Evgeny Petrovich Tumoyan Ksenia Vasilevna Tsyganok |
| author_sort | Evgeny Petrovich Tumoyan |
| collection | DOAJ |
| description | This paper proposes a new method of the malicious code classification based on statistical analysis of traces WinAPI calls. We have developed a procedure for programs proximity measurement, taking into account the sequence of WinAPI calls, and the similarity of their arguments. Cluster analysis is used to identify groups programs and classification of the programs. |
| first_indexed | 2024-03-12T05:42:27Z |
| format | Article |
| id | doaj.art-5fdd707c2bfb433696f15b2e127b5f7a |
| institution | Directory Open Access Journal |
| issn | 2074-7128 2074-7136 |
| language | English |
| last_indexed | 2024-03-12T05:42:27Z |
| publishDate | 2014-09-01 |
| publisher | Joint Stock Company "Experimental Scientific and Production Association SPELS |
| record_format | Article |
| series | Безопасность информационных технологий |
| spelling | doaj.art-5fdd707c2bfb433696f15b2e127b5f7a2023-09-03T05:56:48ZengJoint Stock Company "Experimental Scientific and Production Association SPELSБезопасность информационных технологий2074-71282074-71362014-09-01213180Statistical Analysis for Classification of Malicious SoftwareEvgeny Petrovich Tumoyan0Ksenia Vasilevna Tsyganok1Southern Federal UniversitySouthern Federal UniversityThis paper proposes a new method of the malicious code classification based on statistical analysis of traces WinAPI calls. We have developed a procedure for programs proximity measurement, taking into account the sequence of WinAPI calls, and the similarity of their arguments. Cluster analysis is used to identify groups programs and classification of the programs.https://bit.mephi.ru/index.php/bit/article/view/180multidimensional scalingWinAPI callsviruses |
| spellingShingle | Evgeny Petrovich Tumoyan Ksenia Vasilevna Tsyganok Statistical Analysis for Classification of Malicious Software Безопасность информационных технологий multidimensional scaling WinAPI calls viruses |
| title | Statistical Analysis for Classification of Malicious Software |
| title_full | Statistical Analysis for Classification of Malicious Software |
| title_fullStr | Statistical Analysis for Classification of Malicious Software |
| title_full_unstemmed | Statistical Analysis for Classification of Malicious Software |
| title_short | Statistical Analysis for Classification of Malicious Software |
| title_sort | statistical analysis for classification of malicious software |
| topic | multidimensional scaling WinAPI calls viruses |
| url | https://bit.mephi.ru/index.php/bit/article/view/180 |
| work_keys_str_mv | AT evgenypetrovichtumoyan statisticalanalysisforclassificationofmalicioussoftware AT kseniavasilevnatsyganok statisticalanalysisforclassificationofmalicioussoftware |