• DocumentCode
    2307316
  • Title

    Ontology-based intelligent system for malware behavioral analysis

  • Author

    Huang, Hsien-Der ; Chuang, Tsung-Yen ; Tsai, Yi-Lang ; Lee, Chang-Shing

  • Author_Institution
    Nat. Center for High-Performance Comput., Nat. Appl. Res. Labs., Tainan, Taiwan
  • fYear
    2010
  • fDate
    18-23 July 2010
  • Firstpage
    1
  • Lastpage
    6
  • Abstract
    This paper proposes an ontology-based intelligent system for malware behavioral analysis. The design background and structure of the Taiwan Malware Analysis Net (TWMAN) are presented to analyze the malware behavior. The TWMAN is composed of the malware behavioral analysis agent and the ontology agent. All of the essential information of the TWMAN, including the malware behavioral ontology, is stored in an ontology repository. The malware behavioral analysis agent collects the malware behavioral information to build malware behavioral ontology and malware behavioral rules. The results from the system logs show that the TWMAN can work effectively based on the malware behavioral analysis to protect the computers from the attack of computer viruses and Trojans.
  • Keywords
    computer network security; invasive software; ontologies (artificial intelligence); Taiwan malware analysis net; Trojan; computer virus; malware behavioral analysis agent; malware behavioral rule; ontology based intelligent system; Analytical models; Internet; Malware; Ontologies;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Fuzzy Systems (FUZZ), 2010 IEEE International Conference on
  • Conference_Location
    Barcelona
  • ISSN
    1098-7584
  • Print_ISBN
    978-1-4244-6919-2
  • Type

    conf

  • DOI
    10.1109/FUZZY.2010.5584325
  • Filename
    5584325