http://dx.doi.org/10.9708/jksci.2013.18.5.069

A Study on the Malware Realtime Analysis Systems Using the Finite Automata  

Kim, Hyo-Nam (Dept. of Computer Engineering, Hongik University)
Park, Jae-Kyoung (Cyber Security Research Center, KAIST)
Won, Yoo-Hun (Dept. of Computer Engineering, Hongik University)
Abstract
In recent years, cyber attacks by malicious code, called malware, have become a social problem. With the explosive appearance and increase of new malware, innumerable disasters caused by metaphoric malware that reuses existing malicious code have been reported. To detect malicious code more effectively, in other words, to judge more accurately whether a suspicious file is malicious, this study introduces a malware analysis system based on a profiling technique that uses finite automata. The new analysis system enables realtime automatic detection of malware through its optimized partial execution method. In this paper, the functions used within a file are expressed as finite automata to find their correlation, and a realtime malware analysis system is proposed that gives an immediate judgment as to whether a file is contaminated by malware.
Keywords
Malware; Finite Automata; Realtime Analysis;
Times Cited By KSCI: 1