Cyber criminals use malware to steal personal information from a victim's machine for their own gain. Antivirus software is the most commonly used tool for identifying malware, but virus definitions are often updated less frequently than new types of malware appear. Therefore, an effective and fast malware identification tool is needed in the current environment.
In addition to antivirus software, software analysis platforms are currently one of the ways to identify malware. A user can examine the behavior of software in detail through the analysis report that such a platform provides. Most software analysis platforms offer only an analysis report, and users have to decide for themselves whether the software is malware. This type of report is of no help to users who lack the expertise to interpret these behaviors. Some software analysis platforms that use antivirus can tell the user whether the software is malware, but they cannot identify new types of malware immediately.
Based on research and analysis reports, we generalized the differences between the file and registry activities of normal software and those of malware, and defined malware classification features from these differences. We adopted the Support Vector Machine (SVM) as our classification algorithm to build and test three classifiers that can distinguish normal software from malware. After several experimental evaluations, we confirmed that the malware identification rate was up to 97.6%. Finally, we compared the performance of our classifiers with ThreatExpert, and the results show that our classifiers perform as well as ThreatExpert.
Identifier | oai:union.ndltd.org:NSYSU/oai:NSYSU:etd-0912112-145949 |
Date | 12 September 2012 |
Creators | Zeng, Ling-Ming |
Contributors | Da-zhi Guan, chia-Mei Chen, Sheng-Tzong Cheng |
Publisher | NSYSU |
Source Sets | NSYSU Electronic Thesis and Dissertation Archive |
Language | Cholon |
Detected Language | English |
Type | text |
Format | application/pdf |
Source | http://etd.lib.nsysu.edu.tw/ETD-db/ETD-search/view_etd?URN=etd-0912112-145949 |
Rights | user_define, Copyright information available at source archive |