Deakin University
Browse

File(s) under permanent embargo

A comparison of the classification of disparate malware collected in different time periods

Version 2 2024-06-03, 11:32
Version 1 2014-10-28, 09:40
conference contribution
posted on 2024-06-03, 11:32 authored by R Islam, R Tian, V Moonsamy, Lynn BattenLynn Batten
It has been argued that an anti-virus strategy based on malware collected at a certain date, will not work at a later date because malware evolves rapidly and an anti-virus engine is faced with a completely new type of executable not as amenable to detection as the first was. In this paper, we test this idea by collecting two sets of malware, the first from 2002 to 2007, the second from 2009 to 2010 to determine how well the anti-virus strategy we developed based on the earlier set [14] will do on the later set. This anti-virus strategy integrates dynamic and static features extracted from the executables to classify malware by distinguishing between families. The resulting classification accuracies are very close for both datasets, with a difference of only 5.4%, the older malware being more accurately classified than the newer malware. This leads us to conjecture that current anti-virus strategies can indeed be modified to deal effectively with new malware.

History

Pagination

22-27

Location

Melbourne, Vic.

Start date

2011-11-09

End date

2011-01-01

ISBN-13

9780987229809

Language

eng

Notes

Reproduced with the kind permission of the copyright owner.

Publication classification

E1 Full written paper - refereed

Copyright notice

2011, Deakin University

Editor/Contributor(s)

Warren M

Title of proceedings

ATIS 2011 : Workshop proceedingof ATIS 2011. Melbourne, November 9th, 2011. Second Applications and Techniques in Information Security Workshop

Event

Applications and Techniques in Information Security. Workshop (2nd : 2011 : Melbourne, Vic.)

Publisher

Deakin University School of Information Systems

Place of publication

Melbourne, Vic

Usage metrics

    Research Publications

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC