Openly accessible

A comparison of the classification of disparate malware collected in different time periods

Islam, Rafiqul, Tian, Ronghua, Moonsamy, Veelasha and Batten, Lynn 2011, A comparison of the classification of disparate malware collected in different time periods, in ATIS 2011 : Workshop proceeding of ATIS 2011. Melbourne, November 9th, 2011. Second Applications and Techniques in Information Security Workshop, Deakin University School of Information Systems, Melbourne, Vic, pp. 22-27.

Attached Files
Name: islam-comparisonofthe-2011.pdf
Description: Published version
MIME type: application/pdf
Size: 509.92KB
Downloads: 65

Title: A comparison of the classification of disparate malware collected in different time periods
Author(s): Islam, Rafiqul; Tian, Ronghua; Moonsamy, Veelasha; Batten, Lynn
Conference name: Applications and Techniques in Information Security. Workshop (2nd : 2011 : Melbourne, Vic.)
Conference location: Melbourne, Vic.
Conference dates: 9 Nov. 2011
Title of proceedings: ATIS 2011 : Workshop proceeding of ATIS 2011. Melbourne, November 9th, 2011. Second Applications and Techniques in Information Security Workshop
Editor(s): Warren, Matthew
Publication date: 2011
Conference series: Applications and Techniques in Information Security Workshop
Start page: 22
End page: 27
Total pages: 6
Publisher: Deakin University School of Information Systems
Place of publication: Melbourne, Vic
Keyword(s): malware; classification; static; dynamic
Summary: It has been argued that an anti-virus strategy based on malware collected at a certain date will not work at a later date because malware evolves rapidly and an anti-virus engine is faced with a completely new type of executable not as amenable to detection as the first was. In this paper, we test this idea by collecting two sets of malware, the first from 2002 to 2007, the second from 2009 to 2010, to determine how well the anti-virus strategy we developed based on the earlier set [14] will do on the later set. This anti-virus strategy integrates dynamic and static features extracted from the executables to classify malware by distinguishing between families. The resulting classification accuracies are very close for both datasets, with a difference of only 5.4%, the older malware being more accurately classified than the newer malware. This leads us to conjecture that current anti-virus strategies can indeed be modified to deal effectively with new malware.
Notes: Reproduced with the kind permission of the copyright owner.
ISBN: 9780987229809
Language: eng
Field of Research: 080303 Computer System Security
Socio Economic Objective: 890301 Electronic Information Storage and Retrieval Services
HERDC Research category: E1 Full written paper - refereed
HERDC collection year: 2011
Copyright notice: ©2011, Deakin University
Persistent URL: http://hdl.handle.net/10536/DRO/DU:30045407

Document type: Conference Paper
Collections: School of Information Technology
Open Access Collection
 
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.

Access Statistics: 103 Abstract Views, 67 File Downloads
Created: Fri, 18 May 2012, 09:59:42 EST by Barb Robertson