Authors: Taegyu Kim 1 ; Woomin Hwang 1 ; Chulmin Kim 1 ; Dong-Jae Shin 1 ; Ki-Woong Park 2 and Kyu Ho Park 1

Affiliations: 1 Korea Advanced Institute of Science and Technology (KAIST), Korea, Republic of ; 2 Daejeon University, Korea, Republic of

ISBN: 978-989-758-081-9

ISSN: 2184-4356

Keyword(s): Malware Variant Classification, Identical Structured Control Flow, Table Division, Dynamic Resource Allocation, NUMA (Non Uniform Memory Access).

Related Ontology Subjects/Areas/Topics: Communication and Software Technologies and Architectures ; Computer-Supported Education ; e-Business ; Energy and Economy ; Enterprise Information Systems ; Information Technologies Supporting Learning ; Mobile and Pervasive Computing ; Security and Privacy ; Sustainable Computing and Communications ; Telecommunications

Abstract: Control flow matching methods have been utilized to detect malware variants. However, as the number of malware variants has soared, it has become harder and harder to detect all malware variants while maintaining high accuracy. Even though many researchers have proposed control flow matching methods, there is still a trade-off between accuracy and performance. To solve this trade-off, we designed Malfinder, a method based on approximate matching, which is accurate but slow. To overcome its low performance, we resolve its performance bottleneck and non-parallelism on three fronts: I-Filter for identical string matching, table division to exclude unnecessary comparisons with some malware and dynamic resource allocation for efficient parallelism. Our performance evaluation shows that the total performance improvement is 280.9 times.

CC BY-NC-ND 4.0

Paper citation in several formats:
Kim, T.; Hwang, W.; Kim, C.; Shin, D.; Park, K. and Park, K. (2015). Malfinder: Accelerated Malware Classification System through Filtering on Manycore System. In Proceedings of the 1st International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-081-9, ISSN 2184-4356, pages 17-26. DOI: 10.5220/0005227500170026

@conference{icissp15,
author={Taegyu Kim. and Woomin Hwang. and Chulmin Kim. and Dong{-}Jae Shin. and Ki{-}Woong Park. and Kyu Ho Park.},
title={Malfinder: Accelerated Malware Classification System through Filtering on Manycore System},
booktitle={Proceedings of the 1st International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2015},
pages={17-26},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005227500170026},
isbn={978-989-758-081-9},
}

TY - CONF

JO - Proceedings of the 1st International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Malfinder: Accelerated Malware Classification System through Filtering on Manycore System
SN - 978-989-758-081-9
AU - Kim, T.
AU - Hwang, W.
AU - Kim, C.
AU - Shin, D.
AU - Park, K.
AU - Park, K.
PY - 2015
SP - 17
EP - 26
DO - 10.5220/0005227500170026
