TWMAN+: A type-2 fuzzy ontology model for malware behavior analysis

Hsien De Huang, Chang Shing Lee, Hani Hagras, Hung Yu Kao

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Citations (Scopus)

Abstract

Classical ontology is not sufficient to deal with vague or imprecise knowledge for real world applications such as malware behavioral analysis. In addition, malware has grown into a pressing problem for governments and commercial organizations. Anti-malware applications represent one of the most important research topics in the area of information security threat. As a countermeasure, enhanced systems for analyzing the behavior of malware are needed in order to predict malicious actions and minimize computer damages. Many researchers use Virtual Machine (VM) systems to monitor malware behavior, but there are many Anti-VM techniques which are used to counteract the collection, analysis, and reverse engineering features of the VM based malware analysis platform. Therefore, malware researchers are likely to obtain inaccurate analysis from the VM based approach. For this reason, we have developed the Taiwan Malware Analysis Net (TWMAN) which uses a real operating system environment to improve the accuracy of malware behavior analysis and has integrated Type-1 Fuzzy Set (T1FS), Ontology, and Fuzzy Markup Language (FML) on 2010. In this paper, we use Interval Type-2 Fuzzy Set (IT2FS), eggdrop, and glftpd as a cloud service (software as a service) on the Google App Engine along with Python and Android. We believe this system can help improve the correctness of malware analysis results and reduce the rate of malware misdiagnosis.

Original languageEnglish
Title of host publicationProceedings 2012 IEEE International Conference on Systems, Man, and Cybernetics, SMC 2012
Pages2821-2826
Number of pages6
DOIs
Publication statusPublished - 2012
Event2012 IEEE International Conference on Systems, Man, and Cybernetics, SMC 2012 - Seoul, Korea, Republic of
Duration: 2012 Oct 142012 Oct 17

Publication series

NameConference Proceedings - IEEE International Conference on Systems, Man and Cybernetics
ISSN (Print)1062-922X

Other

Other2012 IEEE International Conference on Systems, Man, and Cybernetics, SMC 2012
Country/TerritoryKorea, Republic of
CitySeoul
Period12-10-1412-10-17

All Science Journal Classification (ASJC) codes

  • Electrical and Electronic Engineering
  • Control and Systems Engineering
  • Human-Computer Interaction

Fingerprint

Dive into the research topics of 'TWMAN+: A type-2 fuzzy ontology model for malware behavior analysis'. Together they form a unique fingerprint.

Cite this