TY - GEN
T1 - TWMAN+
T2 - 2012 IEEE International Conference on Systems, Man, and Cybernetics, SMC 2012
AU - Huang, Hsien De
AU - Lee, Chang Shing
AU - Hagras, Hani
AU - Kao, Hung Yu
PY - 2012
Y1 - 2012
N2 - Classical ontology is not sufficient to deal with vague or imprecise knowledge for real world applications such as malware behavioral analysis. In addition, malware has grown into a pressing problem for governments and commercial organizations. Anti-malware applications represent one of the most important research topics in the area of information security threat. As a countermeasure, enhanced systems for analyzing the behavior of malware are needed in order to predict malicious actions and minimize computer damages. Many researchers use Virtual Machine (VM) systems to monitor malware behavior, but there are many Anti-VM techniques which are used to counteract the collection, analysis, and reverse engineering features of the VM-based malware analysis platform. Therefore, malware researchers are likely to obtain inaccurate analysis from the VM-based approach. For this reason, we have developed the Taiwan Malware Analysis Net (TWMAN) which uses a real operating system environment to improve the accuracy of malware behavior analysis and has integrated Type-1 Fuzzy Set (T1FS), Ontology, and Fuzzy Markup Language (FML) in 2010. In this paper, we use Interval Type-2 Fuzzy Set (IT2FS), eggdrop, and glftpd as a cloud service (software as a service) on the Google App Engine along with Python and Android. We believe this system can help improve the correctness of malware analysis results and reduce the rate of malware misdiagnosis.
AB - Classical ontology is not sufficient to deal with vague or imprecise knowledge for real world applications such as malware behavioral analysis. In addition, malware has grown into a pressing problem for governments and commercial organizations. Anti-malware applications represent one of the most important research topics in the area of information security threat. As a countermeasure, enhanced systems for analyzing the behavior of malware are needed in order to predict malicious actions and minimize computer damages. Many researchers use Virtual Machine (VM) systems to monitor malware behavior, but there are many Anti-VM techniques which are used to counteract the collection, analysis, and reverse engineering features of the VM-based malware analysis platform. Therefore, malware researchers are likely to obtain inaccurate analysis from the VM-based approach. For this reason, we have developed the Taiwan Malware Analysis Net (TWMAN) which uses a real operating system environment to improve the accuracy of malware behavior analysis and has integrated Type-1 Fuzzy Set (T1FS), Ontology, and Fuzzy Markup Language (FML) in 2010. In this paper, we use Interval Type-2 Fuzzy Set (IT2FS), eggdrop, and glftpd as a cloud service (software as a service) on the Google App Engine along with Python and Android. We believe this system can help improve the correctness of malware analysis results and reduce the rate of malware misdiagnosis.
UR - http://www.scopus.com/inward/record.url?scp=84872375713&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84872375713&partnerID=8YFLogxK
U2 - 10.1109/ICSMC.2012.6378176
DO - 10.1109/ICSMC.2012.6378176
M3 - Conference contribution
AN - SCOPUS:84872375713
SN - 9781467317146
T3 - Conference Proceedings - IEEE International Conference on Systems, Man and Cybernetics
SP - 2821
EP - 2826
BT - Proceedings 2012 IEEE International Conference on Systems, Man, and Cybernetics, SMC 2012
Y2 - 14 October 2012 through 17 October 2012
ER -