Abstract
Due to the rapid propagation of the network malwares and their severe threat, it is crucial to detect them and automatically generate their signatures in the early stage of the infection. Most existing approaches for automatic signature generation are based on the byte sequences in the flows, which usually has a great computation and memory overhead and cannot work well in presence of noise. In this paper, we present a method for large-scale malware analysis with feature extraction based on hashed matrix. Moreover, we propose the automatic signature generation using the Bayesian signature selection within clusters. Our evaluation shows that the proposed method can speed up the typical malware signature generation with less memory consumption. In addition, it has a comparably higher accuracy than previous approaches and is more noise-tolerant.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
