Gesellschaft für Informatik e.V.

Lecture Notes in Informatics


Sicherheit 2010 Sicherheit, Schutz und Zuverlässigkeit P-170, 205-216 (2010).

Gesellschaft für Informatik, Bonn
2010


Copyright © Gesellschaft für Informatik, Bonn

Contents

A malware instruction set for behavior-based analysis

Philipp Trinius , Carsten Willems , Thorsten Holz and Konrad Rieck

Abstract


We introduce a new representation for monitored behavior of malicious software called Malware Instruction Set (MIST). The representation is optimized for effective and efficient analysis of behavior using data mining and machine learning techniques. It can be obtained automatically during analysis of malware with a behavior monitoring tool or by converting existing behavior reports. The representation is not restricted to a particular monitoring tool and thus can also be used as a meta language to unify behavior reports of different sources.


Full Text: PDF

Gesellschaft für Informatik, Bonn
ISBN 978-3-88579-264-2


Last changed 04.10.2013 18:32:23