http://dx.doi.org/10.5762/KAIS.2015.16.10.7211

Malware Analysis Mechanism using the Word Cloud based on API Statistics  

Yu, Sung-Tae (Dept. of Information Security, Hoseo University)
Oh, Soo-Hyun (Dept. of Information Security, Hoseo University)
Publication Information
Journal of the Korea Academia-Industrial cooperation Society / v.16, no.10, 2015, pp. 7211-7218
Abstract
Tens of thousands of malicious code samples are generated per day on average, and new types are surging each year. Diverse detection methods are in use, including those based on signatures, API flow, and strings, but most are limited in detecting new malicious code because of bypass techniques. Much research has therefore been carried out on more efficient detection. Among these efforts, visualization is one of the most actively researched areas these days. Because it enables more intuitive recognition of malicious code, it is useful for detecting and examining large numbers of samples efficiently. In this paper, we analyze the relationships between malicious code and Native API functions. In addition, by applying a word cloud with a text mining technique, the major Native APIs of malicious code are visualized to assess their maliciousness. The proposed analysis method would be helpful in intuitively probing the behaviors of malware.
Keywords
Malware; Malware Analysis; Native API; Visualization; Word cloud;
Citations & Related Records
Times Cited By KSCI: 2