Anand Paturi, Manoj Cherukuri, John Donahue, Srinivas Mukkamala
{"title":"移动恶意软件可视化分析及攻击工具包相似性(恶意软件基因分析)","authors":"Anand Paturi, Manoj Cherukuri, John Donahue, Srinivas Mukkamala","doi":"10.1109/CTS.2013.6567221","DOIUrl":null,"url":null,"abstract":"We use Normalized Compression Distance (NCD) (owing to its capabilities to perform similarity measure of unstructured data) to enumerate code similarity between malicious Android apps and visualize their clusters. Our classification methods and visual analytics can help the antivirus community to ensure that a variant of a known malware can still be detected without the need of creating a signature. We also present when a new malware is released, our methods can be used to understand the similarity/behavior with known malware families.","PeriodicalId":256633,"journal":{"name":"2013 International Conference on Collaboration Technologies and Systems (CTS)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"21","resultStr":"{\"title\":\"Mobile malware visual analytics and similarities of Attack Toolkits (Malware gene analysis)\",\"authors\":\"Anand Paturi, Manoj Cherukuri, John Donahue, Srinivas Mukkamala\",\"doi\":\"10.1109/CTS.2013.6567221\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We use Normalized Compression Distance (NCD) (owing to its capabilities to perform similarity measure of unstructured data) to enumerate code similarity between malicious Android apps and visualize their clusters. Our classification methods and visual analytics can help the antivirus community to ensure that a variant of a known malware can still be detected without the need of creating a signature. We also present when a new malware is released, our methods can be used to understand the similarity/behavior with known malware families.\",\"PeriodicalId\":256633,\"journal\":{\"name\":\"2013 International Conference on Collaboration Technologies and Systems (CTS)\",\"volume\":\"19 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-05-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"21\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 International Conference on Collaboration Technologies and Systems (CTS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CTS.2013.6567221\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 International Conference on Collaboration Technologies and Systems (CTS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CTS.2013.6567221","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Mobile malware visual analytics and similarities of Attack Toolkits (Malware gene analysis)
We use Normalized Compression Distance (NCD) (owing to its capabilities to perform similarity measure of unstructured data) to enumerate code similarity between malicious Android apps and visualize their clusters. Our classification methods and visual analytics can help the antivirus community to ensure that a variant of a known malware can still be detected without the need of creating a signature. We also present when a new malware is released, our methods can be used to understand the similarity/behavior with known malware families.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
