IT2FS-based ontology with soft-computing mechanism for malware behavior analysis

Hsien De Huang, Chang Shing Lee, Mei Hui Wang, Hung Yu Kao

Research output: Article, peer-reviewed

18 Citations (Scopus)

Abstract

Antimalware application is one of the most important research issues in the area of cyber security threats. Because hackers continuously develop novel techniques to intrude into computer systems for various reasons, security researchers must analyze and track new malicious programs to protect sensitive and valuable information in the organization. In this paper, we propose a novel soft-computing mechanism based on the ontology model for malware behavioral analysis: Malware Analysis Network in Taiwan (MAN in Taiwan, MiT). The core techniques of MiT consist of two parts: (1) collect the logs of network connections, registry, and memory from the operating system in a physical-virtual hybrid analysis environment to obtain and extract more information about unknown malicious behavior. The important information is then extracted to construct the ontology model using the Web Ontology Language and Fuzzy Markup Language. Additionally, MiT is able to automatically provide and share samples and reports via a cloud storage mechanism; (2) apply Interval Type-2 Fuzzy Set techniques to construct the malware analysis domain knowledge, namely the Interval Type-2 Fuzzy Malware Ontology (IT2FMO), for malware behavior analysis. Simulation results show that the proposed approach can effectively perform malware behavior analysis, and the constructed system has also been released under the GNU General Public License version 3. In the future, the system is expected to collect and analyze malware samples on a large scale, so that industries and universities can build related applications on the established IT2FMO.

Original language: English
Pages (from-to): 267-284
Number of pages: 18
Journal: Soft Computing
Volume: 18
Issue number: 2
Publication status: Published - Feb 2014

All Science Journal Classification (ASJC) codes

  • Software
  • Theoretical Computer Science
  • Geometry and Topology
