Characterising Malicious Software with High-Level Behavioural Patterns

Stastna, Jana; Tomášek, Martin

doi:10.1007/978-3-319-51963-0_37

Cited by 1 publication

(4 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…First, we investigated what kinds of data are provided by the service and which of them have a potential for determining whether behavioural patterns are present among samples of the same type of malware. We succeeded in our efforts and behavioural patterns on high-level of abstraction have been found [7]. The research continued with advanced inspection of data from malware analyses that we gathered.…”

Section: High-level Malware Behavioural Patternsmentioning

confidence: 92%

“…As it turned out, there were groups of distinct malicious samples, belonging to the same types of infiltrations (malware signatures), which performed actions according to some pattern. In our initial [7] we used formal notation to define high-level behavioural patterns as 12-tuple p label of elements:…”

Section: High-level Malware Behavioural Patternsmentioning

confidence: 99%

“…Thus, variability of behaviour occurrences was introduced in our work [7] by defining a set V label of n-tuples v l k , which capture behaviour with varied occurrence and possibly group behaviours with potential interdependence (Equation 2):…”

Section: High-level Malware Behavioural Patternsmentioning

confidence: 99%

“…The definition of pattern with variability of behaviour occurrences (Equation 2) is further explained and practical application is demonstrated in our work [7].…”

Section: High-level Malware Behavioural Patternsmentioning

confidence: 99%

See 3 more Smart Citations

High-Level Malware Behavioural Patterns: Extractability Evaluation

Stastna

Tomášek

2017

Proceedings of the 2017 Federated Conference on Computer Science and Information Systems

Self Cite

View full text Add to dashboard Cite

Abstract-Many promising malware research projects focus on malware behaviour analysis, however, in the end they tend to build new detection systems and stick to measuring detection ratios. Our approach focuses on malware behavioural analysis for defining (characterising) malicious software on rather high level of abstraction, in order to break the endless cycle of evolving malware and malware analysts trying to catch up on new threats. As our research outlines, even such high-level behavioural information as numbers of occurrences of some behavioural events, can be successfully extracted from program samples and interpreted for extraction of repeating behavioural patterns. While this may seem simple at the first glance, there are plenty variables entering the process of behavioural data acquisition and pattern extraction.

show abstract

Section: High-level Malware Behavioural Patternsmentioning

confidence: 92%

Section: High-level Malware Behavioural Patternsmentioning

confidence: 99%

Section: High-level Malware Behavioural Patternsmentioning

confidence: 99%

“…The definition of pattern with variability of behaviour occurrences (Equation 2) is further explained and practical application is demonstrated in our work [7].…”

Section: High-level Malware Behavioural Patternsmentioning

confidence: 99%

See 2 more Smart Citations