Internet Archive Scholar

Mining distinguishing patterns based on malware traces

Xiaoyan Sun, Qian Huang, Yuefei Zhu, Ning Guo
2010 2010 3rd International Conference on Computer Science and Information Technology  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (262.1 kB)
https://web.archive.org/web/20170812003111/http://www.meeting.edu.cn/meeting/UploadPapers/1281493860625.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL. The file type is application/pdf.

The automatic generation of malicious behavior pattern based on system call trace is important to malware detection. This paper studied the existing generation method of malicious behavior specification. In order to reduce the complexity of pattern generation, it constructs graph which vertex label is unique, and uses these graphs to mine the pattern. To address the issue of limitation of the minimal contrast subgraph mining method, it uses multiple positive and negative samples, and proposes a
more » ... mining method to mine distinguishing patterns based on mutual information. It designs the overall framework of mining process, and gives the mining algorithm. Finally, validation results demonstrate the effectiveness.
doi:10.1109/iccsit.2010.5565105 fatcat:f5brhxedxffqlgcbgw7ns5sayy
Citation

Xiaoyan Sun, Qian Huang, Yuefei Zhu, Ning Guo. "Mining distinguishing patterns based on malware traces." 2010 3rd International Conference on Computer Science and Information Technology (2010)