Malware visualization and automatic classification with enhanced information density

LIU Yashu; WANG Zhihai; HOU Yueran; YAN Hanbing

School of Computer and Information Technology, Beijing Jiaotong University; School of Electrical and Information Engineering, Beijing University of Civil Engineering and Architecture; Institute of Network Technology, Beijing University of Posts and Telecommunication; National Computer Network Emergency Response Technical Team/Coordination Center of China

Abstract: The development of computers and networking has been accompanied by exponential increases in the amount of malware, which greatly threatens cyberspace applications. This study combines the reverse analysis of malicious code with visualization, in a method that visualizes operation code sequences extracted from the ".text" section of portable executable (PE) files. This method not only improves the efficiency of malware, but also solves the difficulty of simHash similarity measurements. Tests show that this method identifies more effective features with higher information densities. This method is more efficient and has better classification accuracy than traditional malware visualization methods.
  • DOI: 10.16511/j.cnki.qhdxxb.2018.22.054

  • Classification Code: TP309

Pages: 9-14 Page count: 6