@inproceedings{9a34c6be9bd74a28a113f5037391a49c,
title = "Toward an automatic, online behavioral Malware classification system",
abstract = "Malware authors are increasingly using specialized toolkits and obfuscation techniques to modify existing malware and avoid detection by traditional antivirus software. The resulting proliferation of obfuscated malware variants poses a challenge to antivirus vendors, who must create signatures to detect each new malware variant. Although the many variants in a malware family have different static signatures, they share characteristic behavioral patterns resulting from their common function and heritage. We describe an automatic classification system that can be trained to accurately identify new variants within known malware families, using observed similarities in behavioral features extracted from sensors monitoring live computers hosts. We evaluate the accuracy of the classifier on a live testbed under a heavy computational load. The described classification system is intended to perform classification online, using the computed classes of newly detected malware variants to guide the automatic mitigation of infected hosts.",
keywords = "autonomic computing, classification, decision trees, detection, machine learning, malware, mitigation",
author = "Raymond Canzanese and Moshe Kam and Spiros Mancoridis",
year = "2013",
doi = "10.1109/SASO.2013.8",
language = "English (US)",
isbn = "9780769551296",
series = "International Conference on Self-Adaptive and Self-Organizing Systems, SASO",
pages = "111--120",
booktitle = "Proceedings - 2013 IEEE 7th International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2013",
note = "2013 IEEE 7th International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2013 ; Conference date: 09-09-2013 Through 13-09-2013",
}