The use of morphing engines in metamorphic and polymorphic malware, together with virus creation kits, helps malware authors produce a large number of variants of a virus. These variants belong to a family and share behavioral and some statistical characteristics. However, they cannot be detected with a single common string signature. Several statistical analyses have been tested in recent years to combat this kind of multi-variant malware family. In this research, we introduce and examine an opcode-statistics-based classifier using a decision tree. The method is very simple to implement. Our experimental results show that executable files from different malware families can be classified by their opcode statistical features with a high degree of reliability. © 2011 Springer-Verlag.
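As an added illustration of the idea in the abstract (not the authors' code), the sketch below turns disassembly listings into opcode relative-frequency vectors and grows a small Gini-based decision tree over them. The opcode vocabulary, the choice of relative frequency as the statistical feature, the family names and all sample listings are assumptions constructed for this example.

```python
from collections import Counter

OPCODES = ["mov", "push", "call", "xor", "add", "jmp", "nop"]  # assumed vocabulary

def features(listing):
    """Relative frequency of each vocabulary opcode in a disassembly listing."""
    ops = [ln.split()[0].lower() for ln in listing.splitlines() if ln.strip()]
    counts = Counter(ops)
    return [counts[o] / max(len(ops), 1) for o in OPCODES]

def gini(labels):
    return 1.0 - sum((c / len(labels)) ** 2 for c in Counter(labels).values())

def build(rows, labels):
    """Grow a tree: a leaf is a family label, a node is (feature, threshold, left, right)."""
    if len(set(labels)) == 1:
        return labels[0]
    best = None
    for f in range(len(OPCODES)):
        vals = sorted({r[f] for r in rows})
        for lo, hi in zip(vals, vals[1:]):
            t = (lo + hi) / 2  # candidate threshold between two observed frequencies
            left = [(r, l) for r, l in zip(rows, labels) if r[f] <= t]
            right = [(r, l) for r, l in zip(rows, labels) if r[f] > t]
            score = sum(len(s) * gini([l for _, l in s]) for s in (left, right))
            if left and right and (best is None or score < best[0]):
                best = (score, f, t, left, right)
    if best is None:  # identical vectors with mixed labels: majority vote
        return Counter(labels).most_common(1)[0][0]
    _, f, t, left, right = best
    return (f, t, build(*zip(*left)), build(*zip(*right)))

def classify(tree, row):
    while isinstance(tree, tuple):
        f, t, left, right = tree
        tree = left if row[f] <= t else right
    return tree

def listing(counts):  # constructed stand-in for real disassembler output
    return "\n".join(f"{op} eax, ebx" for op, n in counts.items() for _ in range(n))

# Constructed training set; family names are hypothetical.
TRAIN = [
    ({"mov": 6, "push": 2, "nop": 8, "jmp": 4}, "famA"), ({"mov": 5, "push": 3, "nop": 9, "jmp": 3}, "famA"),
    ({"mov": 9, "push": 5, "call": 4, "nop": 1, "add": 1}, "famB"), ({"mov": 8, "push": 6, "call": 5, "xor": 1}, "famB"),
    ({"mov": 6, "xor": 7, "add": 5, "jmp": 2}, "famC"), ({"mov": 5, "xor": 8, "add": 4, "push": 3}, "famC"),
]
TREE = build([features(listing(c)) for c, _ in TRAIN], [fam for _, fam in TRAIN])
```

`classify(TREE, features(text))` returns the predicted family for a new listing; on real samples the vectors would come from a disassembler's output rather than the `listing` helper.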
CITATION STYLE
Bashari Rad, B., Masrom, M., Ibrahim, S., & Ibrahim, S. (2011). Morphed virus family classification based on opcodes statistical feature using decision tree. In Communications in Computer and Information Science (Vol. 251 CCIS, pp. 123–131). https://doi.org/10.1007/978-3-642-25327-0_11