A Study on Malware Identification System Using Static Analysis Based Machine Learning Technique |
Kim, Su-jeong
(Hoseo University)
Ha, Ji-hee (Hoseo University) Oh, Soo-hyun (Hoseo University) Lee, Tae-jin (Hoseo University) |
1 | KISA and KIISC, http://datachallenge.kr/challenge18/malware/introduction/ |
2 | KISA, https://www.kisis.or.kr/kisis/subIndex/283.do |
3 | AV-TEST, The AV-TEST security report 2017/18, AV-TEST, Jul. 2018. |
4 | Cisco, Cisco 2018 annual cybersecurity reposrt, Cisco, Jan. 2018 |
5 | Y. Li, S.C. Sundaramurthy, A.B. Bardas, X. Ou, D. Caragea, X. Hu and J. Jang, "Experimental study of fuzzy hashing in malware clustering analysis," 8th Workshop on Cyber Security Experimentation and Test ({CSET} 15). Aug. 2015. |
6 | Dong-woo Goh and Huy-kang Kim. "A study on malware clustering technique using API call sequence and locality sensitive hashing," Journal of the Korea Institute of Information Security & Cryptology, 27(1) pp.91-101. Feb. 2017 DOI |
7 | Z. Min, M. Sun and J.CS. Lui, "Droid analytics: a signature based analytic system to collect, extract, analyze and associate android malware," 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, pp. 163-171, July 2013. |
8 | M. Ahmadi, D. Ulyanov, S. Semenov, M. Trofimov and G. Giacinto, "Novel feature extraction, selection and fusion for effective malware family classification," Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy, pp. 183-194, Mar. 2016. |
9 | Y. Zhong, H. Yamaki and H. Takakura, "A malware classification method based on similarity of function structure," 2012 IEEE/IPSJ 12th International Symposium on Applications and the Internet, pp. 256-261, July 2012. |
10 | R. Islam, R. Tian, L.M. Batten and S. Versteeg, "Classification of malware based on integrated static and dynamic features," Journal of Network and Computer Applications, vol. 36, no. 2, pp. 646-656, Mar. 2013 DOI |
11 | J. Kornblum, "Identifying almost identical files using context triggered piecewise hashing," Digital investigation, vol. 3, pp. 91-97, Sep. 2006 DOI |
12 | J. Oliver, C. Cheng and Y. Chen. "TLSH--a locality sensitive hash," 2013 Fourth Cybercrime and Trustworthy Computing Workshop, pp.7-13, Nov. 2013. |
13 | NIST, http://www.nsrl.nist.gov/ssdeep.htm |
14 | Virusshare, https://virusshare.com |
15 | M.Z. Shafiq, S.M. Tabish, F. Mirza, M. Farooq, "PE-Miner: Mining Structural Information to Detect Malicious Executables in Realtime," International Workshop on Recent Advances in Intrusion Detection, LNCS 5758, pp. 121-141, 2009 |
16 | Dong-hwi Shin, Chae-tae Im, Hyun-cheol Jeong, "The packer detection signature generation based on unpacking algorithm characteistic," Korea Computer Congress 2010, pp. 56-60, June 2010 |
17 | G. Taha, Counterattacking the packers, McAfee Avert Labs, 2007 |
18 | M. Bat-Erdene, T. Kim, H. Park and H. Lee, "Packer detection for multi-layer executables using entropy analysis," Entropy, vol. 19, no. 3, Mar. 2017. |
19 | Ho-dong Lee, Reverse engineering 1 (file structure section), Hanbit Media, Oct. 2016. |
20 | M. Sikorski and A. Honig, Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software, Acorn Publication, Oct. 2013 |
21 | S. Marsland, Machine Learning: An Algorithmic Perspective, Jpub, Dec. 2016 |