Abstract:
Malware may be classified into various families according to several factors, such as the method of delivery to an infected computing system, the behaviors performed by the malware on an infected system, or the presence of key characteristics that can be recognized through malware signatures. Additionally, a given malware family may comprise many variants that perform similarly on an infected system, yet differ from each other in some discernible way. In this paper, we show that understanding this difference in malware behavior among variants of the same malware family is possible through analysis of Windows API system call sequences and their related frequencies. This allows for the identification of changes in malware variant behavior and illustrates the relationships between malware families.
Published in: 2023 International Conference on Multimedia Computing, Networking and Applications (MCNA)
Date of Conference: 19-22 June 2023
Date Added to IEEE Xplore: 24 July 2023