Skip to main content
Conference Proceedings

A study on similarity calculation method for API invocation sequences

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2015) 9436 492-501
DOI: 10.1007/978-3-319-25754-9_43
0Citations
Citations of this article
3Readers
Mendeley users who have this article in their library.
Get full text

Abstract

Malware variants have been developed and spread in the Internet, and the number of new malware variants is increases every year. Recently, malware is applied with obfuscation and mutation techniques to hide its existence, and malware variants are developed with various automatic tools that transform the properties of existing malware to avoid static analysis based malware detection systems. It is difficult to detect such obfuscated malware with static-based signatures, so we have designed a detection system based on dynamic analysis. In this paper, we propose a dynamic analysis based system that uses the API invocation sequences to compare behaviors of suspicious software with behaviors of existing malware.

Author supplied keywords

Cite

CITATION STYLE

APA

Shim, Y. J., Kim, T. G., & Im, E. G. (2015). A study on similarity calculation method for API invocation sequences. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9436, pp. 492–501). Springer Verlag. https://doi.org/10.1007/978-3-319-25754-9_43

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free