• DocumentCode
    1803610
  • Title

    A novel malware variants detection method based on function-call graph

  • Author

    Lingfei Wu ; Ming Xu ; Jian Xu ; Ning Zheng ; Haiping Zhang

  • Author_Institution
    Institute of Computer Application Technology, Hangzhou Dianzi University, China, 310018
  • fYear
    2013
  • fDate
    1-8 Jan. 2013
  • Firstpage
    1
  • Lastpage
    5
  • Abstract
    Code obfuscation plays a significant role in metamorphic malware. Moreover, identifying a metamorphic malware variant is a challenging task, because its obfuscation engine can easily generate various variants with different forms while maintaining the same functionality to escape detection. This paper presents a novel approach to recognize metamorphic malware based on programs' function-call graphs. Graph-coloring and cosine similarity techniques are used to measure the similarity of two programs on the basis of function-call graph. Experimental results have shown that the proposed method can accurately detect the metamorphic malware variants.
  • Keywords
    Engines; Malware; Ports (Computers); Vectors; function-matching; graph-coloring; malware;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Conference Anthology, IEEE
  • Conference_Location
    China
  • Type

    conf

  • DOI
    10.1109/ANTHOLOGY.2013.6784887
  • Filename
    6784887