Conference item

Classification of malware families based on runtime behaviour

Abstract:

This paper distinguishes malware families from a specific category (i.e., ransomware) via dynamic analysis. We collect samples from four ransomware families and use the Cuckoo sandbox environment to observe their runtime behaviour. This study aims to provide new insight into malware family classification by comparing possible runtime features, and application of different extraction and selection techniques on them. As we try many extraction models on call traces such as bag-of-words, ngram sequ...

Publication status:
Published
Peer review status:
Reviewed (other)
Version:
Accepted Manuscript

Files:
Publisher copy:
10.1007/978-3-030-01689-0

Authors


Institution:
University of Oxford
Oxford college:
Wolfson College
Institution:
University of Oxford
Division:
Maths, Physical & Life Sciences
Department:
Computer Science
ORCID:
0000-0002-0860-5130
Publisher:
Springer
Volume:
11161
Pages:
33-48
Series:
Lecture Notes in Computer Science
Publication date:
2018-11-01
Acceptance date:
2018-07-30
DOI:
EISSN:
9876-1234
ISSN:
0302-9743
Pubs id:
pubs:891777
URN:
uri:73cd7ab6-ce60-4ca4-a30b-7ebb931b6e1f
UUID:
uuid:73cd7ab6-ce60-4ca4-a30b-7ebb931b6e1f
Local pid:
pubs:891777
ISBN:
9783030016883
