Finding new varieties of malware with the classification of network behavior

Mitsuhiro Hatada, Tatsuya Mori

研究成果: Article査読

1 被引用数 (Scopus)


An enormous number of malware samples pose a major threat to our networked society. Antivirus software and intrusion detection systems are widely implemented on the hosts and networks as fundamental countermeasures. However, they may fail to detect evasive malware. Thus, setting a high priority for new varieties of malware is necessary to conduct in-depth analyses and take preventive measures. In this paper, we present a traffic model for malware that can classify network behaviors of malware and identify new varieties of malware. Our model comprises malwarespecific features and general traffic features that are extracted from packet traces obtained from a dynamic analysis of the malware. We apply a clustering analysis to generate a classifier and evaluate our proposed model using large-scale live malware samples. The results of our experiment demonstrate the effectiveness of our model in finding new varieties of malware.

ジャーナルIEICE Transactions on Information and Systems
出版ステータスPublished - 2017 8月

ASJC Scopus subject areas

  • ソフトウェア
  • ハードウェアとアーキテクチャ
  • コンピュータ ビジョンおよびパターン認識
  • 電子工学および電気工学
  • 人工知能


「Finding new varieties of malware with the classification of network behavior」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。