A Statistical Approach for Discovering Critical Malicious Patterns in Malware Families

Ghanaei, Vida; Iliopoulos, Costas S.; Overill, Richard E.

Home // PATTERNS 2015, The Seventh International Conferences on Pervasive Patterns and Applications // View article

A Statistical Approach for Discovering Critical Malicious Patterns in Malware Families

Authors:
Vida Ghanaei
Costas S. Iliopoulos
Richard E. Overill

Keywords: Malware; Malicious Patterns; Malicious Shared Code; Classification; Control Flow Graph; Numerical Statistics.

Abstract:
In this paper, we present carefully selected critical malicious patterns, which are in common among malware variants in the same malware family, but not other malware families, using statistical information processing. The analysed critical malicious patterns can be an effective training dataset, towards classification of known and unknown malware variants. We present malware variants as a set of hashes, which represent the constituent basic blocks of the malware Control Flow Graph, and classify them into their corresponding malware family. By computing the Distribution Frequency for each basic block residing in all the malware families, the importance of being a possible representative to become a critical malicious pattern for a specific malware family is measured. This value is carefully computed by considering the population of each malware family.

Pages: 21 to 26

Copyright: Copyright (c) IARIA, 2015

Publication date: March 22, 2015

Published in: conference

ISSN: 2308-3557

ISBN: 978-1-61208-393-3

Location: Nice, France

Dates: from March 22, 2015 to March 27, 2015