PASCAL - Pattern Analysis, Statistical Modelling and Computational Learning

A Malware Instruction Set for Behavior-based Analysis
Philipp Trinius, Carsten Willems, Thorsten Holz and Konrad Rieck
In: Sicherheit 2010 (Sicherheit, Schutz und Verlässlichkeit), Oct 2011, Berlin, Germany.


We introduce a new representation for monitored behavior of malicious software called Malware Instruction Set (MIST). The representation is optimized for effective and efficient analysis of behavior using data mining and machine learning techniques. It can be obtained automatically during analysis of malware with a behavior monitoring tool or by converting existing behavior reports. The representation is not restricted to a particular monitoring tool and thus can also be used as a meta language to unify behavior reports of different sources.

EPrint Type: Conference or Workshop Item (Paper)
Subjects: Theory & Algorithms
ID Code: 7694
Deposited By: Konrad Rieck
Deposited On: 17 March 2011