Fuzzy markup language for malware behavioral analysis

Abstract

In recent years, antimalware applications represented one of the most important research topics in the area of network security threat. In addition, malware have become a growing important problem for governments and commercial organizations. The key point of the research on the network security is to judge and validate the similarity metrics among the malicious software. Indeed, most computer network issues are also caused by malware. As a consequence, one enhanced system to analyze the behavior of malwares is needed to try to predict the malicious actions and to minimize the computer damages caused by the malware. However, the conventional data analysis tools lack the ability to deal with the computer safety because the environments malwares operating are with high levels of imprecision and vagueness. For this reason, we have developed Taiwan Malware Analysis Net (TWMAN) to improve the accuracy of malware behavioral analysis. This chapter tries to explorer and deal with these computer security and safety issues by integrating the semantic technologies and computational intelligence methods, such as the fuzzy ontologies and fuzzy markup language (FML). With the proposed approach, the malware identification has achieved a good performance according to the experimental results. © 2013 Springer-Verlag Berlin Heidelberg.