Runs in the Family: Malware Family Variants Identification through API Sequence and Frequency Analysis | IEEE Conference Publication | IEEE Xplore

Runs in the Family: Malware Family Variants Identification through API Sequence and Frequency Analysis


Abstract:

Malware may be classified into various families according to several factors, such as the method of delivery to an infected computing system, behaviors performed by the malware on an infected system, or through the presence of key characteristics which can be recognized through malware signatures. Additionally, a given malware family may comprise many variants which perform similarly on an infected system, yet differ from each other in some discernible way. In this paper, we show that understanding this difference in malware behavior among variants of the same malware family is possible through analysis of Windows API system call sequences and their related frequencies. This allows for the identification of changes in malware variant behavior and illustrates the relationships between malware families.
Date of Conference: 19-22 June 2023
Date Added to IEEE Xplore: 24 July 2023
Conference Location: Valencia, Spain
