Big Data Technologies and Applications. 7th International Conference, BDTA 2016, Seoul, South Korea, November 17–18, 2016, Proceedings

Research Article

On Exploiting Static and Dynamic Features in Malware Classification

  • @INPROCEEDINGS{10.1007/978-3-319-58967-1_14,
        author={Jiwon Hong and Sanghyun Park and Sang-Wook Kim},
        title={On Exploiting Static and Dynamic Features in Malware Classification},
        proceedings={Big Data Technologies and Applications. 7th International Conference, BDTA  2016, Seoul, South Korea, November 17--18, 2016, Proceedings},
        proceedings_a={BDTA},
        year={2017},
        month={6},
        keywords={Malware classification Static analysis Dynamic analysis Feature extraction},
        doi={10.1007/978-3-319-58967-1_14}
    }
    
  • Jiwon Hong
    Sanghyun Park
    Sang-Wook Kim
    Year: 2017
    On Exploiting Static and Dynamic Features in Malware Classification
    BDTA
    Springer
    DOI: 10.1007/978-3-319-58967-1_14
Jiwon Hong1,*, Sanghyun Park1,*, Sang-Wook Kim1,*
  • 1: Hanyang University
*Contact email: nowiz@hanyang.ac.kr, singhyun@hanyang.ac.kr, wook@hanyang.ac.kr

Abstract

The number of malware programs is growing exponentially these days. Malware programs have similar signatures if they are developed by the same group of attackers or for similar purposes. This characteristic helps distinguish malware from ordinary programs. In this paper, we address a new type of classification that identifies the group of attackers who are likely to have developed a given malware program. We identify various features obtained through static and dynamic analyses of malware and exploit them in classification. We evaluate our approach through a series of experiments with a real-world dataset labeled by a group of domain experts. The results show that our approach is effective and provides reasonable accuracy in malware classification.