DocumentCode
2411018
Title
Malware Type Recognition and Cyber Situational Awareness
Author
Dube, Thomas ; Raines, Richard ; Peterson, Gilbert ; Bauer, Kenneth ; Grimaila, Michael ; Rogers, Steven
Author_Institution
Air Force Inst. of Technol., Wright-Patterson AFB, OH, USA
fYear
2010
fDate
20-22 Aug. 2010
Firstpage
938
Lastpage
943
Abstract
Current technologies for computer network and host defense do not provide suitable information to support strategic and tactical decision making processes. Although pattern-based malware detection is an active research area, the additional context of the type of malware can improve cyber situational awareness. This additional context is an indicator of threat capability thus allowing organizations to assess information losses and focus response actions appropriately. Malware Type Recognition (MaTR) is a research initiative extending detection technologies to provide the additional context of malware types using only static heuristics. Test results with MaTR demonstrate over a 99% accurate detection rate and 59% test accuracy in malware typing.
Keywords
computer networks; decision making; invasive software; pattern classification; computer network; cyber situational awareness; malware type recognition; tactical decision making processes; threat capability; Accuracy; Analysis of variance; Context; Decision trees; Feature extraction; Malware; Predictive models; Invasive software; machine learning; security;
fLanguage
English
Publisher
ieee
Conference_Titel
Social Computing (SocialCom), 2010 IEEE Second International Conference on
Conference_Location
Minneapolis, MN
Print_ISBN
978-1-4244-8439-3
Electronic_ISBN
978-0-7695-4211-9
Type
conf
DOI
10.1109/SocialCom.2010.139
Filename
5591412
Link To Document