By Topic

AOS: An optimized sandbox method used in behavior-based malware detection

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

6 Author(s)
Hong Jhe Li ; Dept. of Comput. Sci. & Inf. Eng., Nat. Taiwan Univ. of Sci. & Technol., Taipei, Taiwan ; Chia-Wei Tien ; Chin-Wei Tien ; Chih-Hung Lin
more authors

Malware (malicious software) has been widely spread through our computers in the world that many antivirus vendors use signature-based method to detect them. However, the update rate of the virus signature database can never catch up the creation rate of the new malware variants. Using CSS (Crystal Security Sandbox) that monitors the Windows Portable Executable (PE) file execution and generates a sanitized intermediate result for classifying the malware is an emerging research in malware detection. Although the sanitized intermediate result is sufficient to depict the behaviors of malware, it is still a bit too long, too redundant, and too tedious to deal with efficiently. Therefore we compress and sieve the sanitized intermediate result to derive 90% fewer brief expressions which not only reduce the size of data, but also maintain above 93% accuracy rate and less 7 % error rate.

Published in:

Machine Learning and Cybernetics (ICMLC), 2011 International Conference on  (Volume:1 )

Date of Conference:

10-13 July 2011