DocumentCode :
684854
Title :
Automatic signature analysis and generation for large-scale network malware
Author :
Wen Wang ; Xiaofeng Wang ; Huabiao Lu ; Jinshu Su
Author_Institution :
Sch. of Comput., Nat. Univ. of Defense Technol. Changsha, Changsha, China
fYear :
2012
fDate :
7-9 Dec. 2012
Firstpage :
1
Lastpage :
5
Abstract :
Due to the rapid propagation of network malware and its severe threat, it is crucial to detect it and automatically generate its signatures in the early stage of the infection. Most existing approaches for automatic signature generation are based on the byte sequences in the flows, which usually have a great computation and memory overhead and cannot work well in the presence of noise. In this paper, we present a method for large-scale malware analysis with feature extraction based on a hashed matrix. Moreover, we propose automatic signature generation using Bayesian signature selection within clusters. Our evaluation shows that the proposed method can speed up typical malware signature generation with less memory consumption. In addition, it has a comparably higher accuracy than previous approaches and is more noise-tolerant.
Keywords :
Bayes methods; computer network security; cryptography; digital signatures; feature extraction; invasive software; Bayesian signature selection; automatic malware signature analysis; automatic malware signature generation; byte sequences; computation overhead; feature extraction; hashed matrix; large-scale malware analysis; large-scale network malware propagation; memory consumption; memory overhead; Automatic Signature Generation; Bayesian Selection; Feature Hashing;
fLanguage :
English
Publisher :
iet
Conference_Titel :
Information Science and Control Engineering 2012 (ICISCE 2012), IET International Conference on
Conference_Location :
Shenzhen
Electronic_ISBN :
978-1-84919-641-3
Type :
conf
DOI :
10.1049/cp.2012.2440
Filename :
6755819