Affiliation:
1. Department of Information Management, National Sun Yat-sen University, Kaohsiung, Taiwan
Abstract
This article describes how honeypots and intrusion detection systems serve as major mechanisms for security administrators to collect a variety of sample viruses and malware for further analysis, classification, and system protection. However, the increased variety and complexity of malware make analysis and classification challenging, especially when efficiency and timely response are two contradictory yet equally significant criteria in malware classification. In addition, similarity-based classification is insufficient because the mutation and fuzzification of malware exacerbate classification difficulties. To improve malware classification speed and attend to mutation, this research proposes the ameliorated progressive classification, which integrates static analysis and an improved k-means algorithm. The proposed classification aims to give network administrators a malware classification preprocess so that they can classify malware efficiently upon the capture of new malware, thus enhancing the defense against malware.