Statistical Analysis for Classification of Malicious Software

This paper proposes a new method of malicious code classification based on statistical analysis of WinAPI call traces. We have developed a procedure for measuring the proximity of programs, taking into account the sequence of WinAPI calls and the similarity of their arguments. Cluster analysis is u...


Bibliographic Details
Main Authors: Evgeny Petrovich Tumoyan, Ksenia Vasilevna Tsyganok
Format: Article
Language: English
Published: Moscow Engineering Physics Institute 2014-09-01
Series: Bezopasnostʹ Informacionnyh Tehnologij
Subjects: multidimensional scaling; WinAPI calls; viruses
Online Access: https://bit.mephi.ru/index.php/bit/article/view/180
Affiliation: Southern Federal University
ISSN: 2074-7128, 2074-7136
Collection: DOAJ
Description: This paper proposes a new method of malicious code classification based on statistical analysis of WinAPI call traces. We have developed a procedure for measuring the proximity of programs, taking into account the sequence of WinAPI calls and the similarity of their arguments. Cluster analysis is used to identify groups of programs and to classify the programs.