Automatic analysis of malware behavior using machine learning

Rieck, Konrad; Trinius, Philipp; Willems, Carsten; Holz, Thorsten

doi:10.3233/jcs-2010-0410

articleJournal of Computer SecurityJun 20, 2011Closed access

Automatic analysis of malware behavior using machine learning

KRKonrad Rieck PTPhilipp Trinius CWCarsten Willems THThorsten Holz

Fraunhofer Institute for Production Systems and Design Technology · Technische Universität Berlin · +2 more institutions

Indexed incrossref

Abstract

Malicious software – so called malware – poses a major threat to the security of computer systems. The amount and diversity of its variants render classic security defenses ineffective, such that millions of hosts in the Internet are infected with malware in the form of computer viruses, Internet worms and Trojan horses. While obfuscation and polymorphism employed by malware largely impede detection at file level, the dynamic analysis of malware binaries during run-time provides an instrument for characterizing and defending against the threat of malicious software. In this article, we propose a framework for the automatic analysis of malware behavior using machine learning. The framework allows for…

Citation impact

727

total citations

FWCI: 33.69
Percentile: 100%
References: 60

Citations per year

Authors

4

Topics & keywords

Topics

Keywords

Malware
Computer science
Malware analysis
Cluster analysis
Cryptovirology
Static analysis
Trojan
Overhead (engineering)

No related works found for this paper.