Behavioral Classification

Brief Description
This white paper proposes a behavior-based automated classification method for malware based on distance measure and machine learning.

Quick Details
File Name: Behavioral_Classification.doc
Version: 1.0
Date Published: 5/9/2006
Language: English
Download Size: 1.4 MB
Estimated Download Time: 4 min 56K

Overview

In recent years, the number of malware families and variants has exploded, and automatic malware classification is becoming an important research area. Virus and spyware writers continue to create large numbers of new families and variants at an increasingly fast rate, effectively rendering manual human analysis inefficient and inadequate. In attempts to automate static file analysis, we encountered considerable challenges from incremental family evolution, binary obfuscation, and the intricate component relationships associated with spyware. These challenges suggest the importance of run-time behavior analysis in addition to static binary analysis, and of using adaptable algorithms to automate classification. In this paper, we propose a behavior-based automated classification method based on distance measure and machine learning.

This white paper was originally presented at the 2006 EICAR Conference in Hamburg, Germany, on May 1, 2006. For more information on the EICAR organization, please visit their website at http://www.eicar.org.


System Requirements

  • Supported Operating Systems: Windows XP

Microsoft Word is required to view the white paper.


Instructions

Download the white paper to your computer and open it in Microsoft Word to view.



© 2009 Microsoft Corporation. All rights reserved.