Abstract

The recent spike in the rate at which malware spreads across organizations creates a stringent demand for suitable counter-measures that safeguard Information Technology assets against customized malware attacks. The anti-virus (AV) community plays a vital role in managing this threat by detecting new malware in the wild and assigning labels to it. However, an extensive study of malware revealed a large heterogeneity in how it is categorized. This adversely affects research communities, business organizations, and AV companies, because it creates confusion and makes malicious programs difficult to study. There is therefore an immediate need for a system in which malware is characterized not by the 'confusing' names given by AV vendors but by its activities, so that its damage potential on the victim machine can be determined. This paper presents the malware naming conventions used by AV vendors and characterizes malware capabilities on the basis of the characteristic features obtained from static and dynamic malware analysis. It proposes a novel technique, an initial step towards resolving these inconsistencies, that assesses the level of each capability of a malware sample using the fuzzy logic paradigm. This approach would remove the misunderstanding and confusion that arise from inconsistent naming conventions and improve clarity about both mature and new attributes. The proposed approach is tested on a set of well-known real malware samples, and the results obtained are compared with those of fuzzy clustering.
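To make the idea of grading capabilities by observed activity concrete, the following is an added example (not the paper's own rule base, membership functions or feature set) of a zero-order Sugeno fuzzy inference over feature counts taken from a dynamic-analysis report. The feature names (`net_conns`, `files_dropped`, `autorun_writes`, `services_created`), the breakpoints that define the low/medium/high sets, the rules, the consequent values and the three sample reports are all assumptions constructed for illustration.

```python
"""Fuzzy assessment of malware capability levels from analysis features.

Added example: zero-order Sugeno fuzzy inference over counts taken from a
constructed dynamic-analysis report. Feature names, breakpoints, rules and
sample reports are assumptions for illustration, not the paper's own.
"""

# Each feature gets three linguistic sets (low / medium / high) built from one
# breakpoint triple (a, b, c) with a < b < c: "low" is 1 up to a and fades to 0
# at b, "medium" peaks at b, "high" starts rising at b and is 1 from c onward.
FEATURE_BREAKPOINTS = {
    "net_conns": (1, 5, 20),        # distinct outbound connections observed
    "files_dropped": (0, 2, 8),     # executables written to disk
    "autorun_writes": (0, 1, 4),    # writes to Run/RunOnce-style registry keys
    "services_created": (0, 1, 3),  # services or scheduled tasks registered
}

# Consequent singletons: the crisp value each output level stands for.
LEVELS = {"low": 0.1, "medium": 0.5, "high": 0.9}

# Rule base per capability: (antecedents, combiner, consequent level).
# "and" takes the minimum of the antecedent memberships, "or" the maximum.
RULES = {
    "persistence": [
        ([("autorun_writes", "high"), ("services_created", "high")], "or", "high"),
        ([("autorun_writes", "medium"), ("services_created", "medium")], "or", "medium"),
        ([("autorun_writes", "low"), ("services_created", "low")], "and", "low"),
    ],
    "propagation": [
        ([("net_conns", "high"), ("files_dropped", "high")], "and", "high"),
        ([("net_conns", "high"), ("files_dropped", "medium")], "and", "medium"),
        ([("net_conns", "high"), ("files_dropped", "low")], "and", "medium"),
        ([("net_conns", "medium"), ("files_dropped", "high")], "and", "medium"),
        ([("net_conns", "medium"), ("files_dropped", "medium")], "and", "medium"),
        ([("net_conns", "medium"), ("files_dropped", "low")], "and", "low"),
        ([("net_conns", "low")], "and", "low"),
    ],
}


def _ramp_down(x, a, b):
    """1 for x <= a, 0 for x >= b, linear in between."""
    if x <= a:
        return 1.0
    if x >= b:
        return 0.0
    return (b - x) / (b - a)


def _ramp_up(x, a, b):
    """0 for x <= a, 1 for x >= b, linear in between."""
    if x <= a:
        return 0.0
    if x >= b:
        return 1.0
    return (x - a) / (b - a)


def _tri(x, a, b, c):
    """Triangle with feet at a and c and peak 1 at b."""
    if x <= a or x >= c:
        return 0.0
    if x <= b:
        return (x - a) / (b - a)
    return (c - x) / (c - b)


def membership(feature, value):
    """Fuzzify one raw count into its low/medium/high degrees."""
    a, b, c = FEATURE_BREAKPOINTS[feature]
    return {
        "low": _ramp_down(value, a, b),
        "medium": _tri(value, a, b, c),
        "high": _ramp_up(value, b, c),
    }


def infer(report):
    """Return a crisp level in [0, 1] per capability: the firing-strength
    weighted average of the rule consequents (zero-order Sugeno)."""
    fuzzified = {f: membership(f, report.get(f, 0)) for f in FEATURE_BREAKPOINTS}
    levels = {}
    for capability, rules in RULES.items():
        weight_sum = 0.0
        value_sum = 0.0
        for antecedents, combiner, consequent in rules:
            degrees = [fuzzified[f][s] for f, s in antecedents]
            strength = min(degrees) if combiner == "and" else max(degrees)
            weight_sum += strength
            value_sum += strength * LEVELS[consequent]
        # Guard against a report no rule covers; the rule base above is complete.
        levels[capability] = value_sum / weight_sum if weight_sum > 0 else 0.0
    return levels


def label(level):
    """Map a crisp level back to a linguistic label for reporting."""
    if level < 0.35:
        return "low"
    if level < 0.7:
        return "medium"
    return "high"


def assess(report):
    """Per-capability (rounded level, label) pairs for one report."""
    return {cap: (round(lvl, 3), label(lvl)) for cap, lvl in infer(report).items()}


def damage_potential(report):
    """Overall damage potential: the strongest capability level."""
    return max(infer(report).values())


# Constructed feature counts standing in for sandbox output; not real samples.
SAMPLE_REPORTS = {
    "worm-like": {"net_conns": 40, "files_dropped": 12, "autorun_writes": 3, "services_created": 2},
    "backdoor-like": {"net_conns": 3, "files_dropped": 1, "autorun_writes": 1, "services_created": 0},
    "benign-like": {"net_conns": 0, "files_dropped": 0, "autorun_writes": 0, "services_created": 0},
}

if __name__ == "__main__":
    for name, report in SAMPLE_REPORTS.items():
        print(name, assess(report), "damage=%.2f" % damage_potential(report))
```

Because every output is a graded level rather than a vendor label, two samples that AV engines name differently but that drop files and beacon out at the same rate receive the same propagation score; the feature counts and breakpoints would have to be calibrated against real analysis reports before the scores mean anything beyond this illustration.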
