Malware Analysis Mechanism using the Word Cloud based on API Statistics
Yu, Sung-Tae; Oh, Soo-Hyun
 Abstract
On average, tens of thousands of malicious codes are generated each day, and new types are surging every year. Diverse methods are used to detect such codes, including those based on signatures, API flow, and strings, but most are limited in detecting new malicious codes because of bypass techniques. Much research has therefore been carried out on more efficient detection of malicious codes, and visualization is currently one of the most actively researched areas. Because visualization enables more intuitive recognition of malicious codes, it is useful for detecting and examining a large number of them efficiently. In this paper, we analyze the relationships between malicious codes and Native API functions. In addition, by applying a word cloud with a text mining technique, the major Native APIs of malicious codes are visualized to assess their maliciousness. The proposed malicious code analysis method would be helpful in intuitively probing the behavior of malware.
 Keywords
Malware; Malware Analysis; Native API; Visualization; Word cloud
 Language
Korean