  • DocumentCode
    2411018
  • Title
    Malware Type Recognition and Cyber Situational Awareness
  • Author
    Dube, Thomas; Raines, Richard; Peterson, Gilbert; Bauer, Kenneth; Grimaila, Michael; Rogers, Steven
  • Author_Institution
    Air Force Inst. of Technol., Wright-Patterson AFB, OH, USA
  • fYear
    2010
  • fDate
    20-22 Aug. 2010
  • Firstpage
    938
  • Lastpage
    943
  • Abstract
    Current technologies for computer network and host defense do not provide suitable information to support strategic and tactical decision-making processes. Although pattern-based malware detection is an active research area, the additional context of the type of malware can improve cyber situational awareness. This additional context is an indicator of threat capability, thus allowing organizations to assess information losses and focus response actions appropriately. Malware Type Recognition (MaTR) is a research initiative extending detection technologies to provide the additional context of malware types using only static heuristics. Test results with MaTR demonstrate over a 99% accurate detection rate and 59% test accuracy in malware typing.
  • Keywords
    computer networks; decision making; invasive software; pattern classification; computer network; cyber situational awareness; malware type recognition; tactical decision making processes; threat capability; Accuracy; Analysis of variance; Context; Decision trees; Feature extraction; Malware; Predictive models; Invasive software; machine learning; security
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Social Computing (SocialCom), 2010 IEEE Second International Conference on
  • Conference_Location
    Minneapolis, MN
  • Print_ISBN
    978-1-4244-8439-3
  • Electronic_ISBN
    978-0-7695-4211-9
  • Type
    conf
  • DOI
    10.1109/SocialCom.2010.139
  • Filename
    5591412