Network-based Executable File Extraction and Analysis for Malware Detection

Byoungkoo Kim; Ikkyun Kim; Tai-Myoung Chung

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Network-based Executable File Extraction and Analysis for Malware Detection

Topics: Network Security; Secure Software Development Methodologies; Security Information Systems Architecture and Design and Security Patterns

In Proceedings of the International Conference on Security and Cryptography - Volume 0ICETE, 430-433, 2012 , Rome, Italy

Authors: Byoungkoo Kim ¹ ; Ikkyun Kim ² and Tai-Myoung Chung ³

Affiliations: ¹ Electronics and Teletcommunicatons Research Institute and Sungkyunkwan University, Korea, Republic of ; ² Electronics and Teletcommunicatons Research Institute, Korea, Republic of ; ³ Sungkyunkwan University, Korea, Republic of

Keyword(s): Network Packet, Malware Detection, Region Analysis, Executable File.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Network Security ; Secure Software Development Methodologies ; Security in Information Systems ; Security Information Systems Architecture and Design and Security Patterns ; Wireless Network Security

Abstract: The injury by various computer viruses is over the time comprised of the tendency to increase. Therefore, various methodologies for protecting the computer system from the threats of new malicious software are actively studied. In this paper, we present a network-based executable file extraction and analysis technique for malware detection. Here, an executable file extraction is processed by executable file specific session and pattern matching in reconfiguring hardware. Next, malware detection is processed by clustering analysis technique about an executable file which is divided into many regions. In other words, it detects a malware by measuring the byte distribution similarity between malicious executable files and normal executable files. The proposed technique can detect not only the known malicious software but also the unknown malicious software. Most of all, it uses network packets as analysis source unlike the existing host anti-virus techniques. Besides, the proposed detec tion technique easily can detect malicious software without complicated command analysis. Therefore, our approach can minimize the load on the system execution despite the load on the additional network packet processing. (More)

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 3.147.104.120

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Kim, B.; Kim, I. and Chung, T. (2012). Network-based Executable File Extraction and Analysis for Malware Detection. In Proceedings of the International Conference on Security and Cryptography (ICETE 2012) - SECRYPT; ISBN 978-989-8565-24-2; ISSN 2184-3236, SciTePress, pages 430-433. DOI: 10.5220/0004126104300433

@conference{secrypt12,
author={Byoungkoo Kim. and Ikkyun Kim. and Tai{-}Myoung Chung.},
title={Network-based Executable File Extraction and Analysis for Malware Detection},
booktitle={Proceedings of the International Conference on Security and Cryptography (ICETE 2012) - SECRYPT},
year={2012},
pages={430-433},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004126104300433},
isbn={978-989-8565-24-2},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the International Conference on Security and Cryptography (ICETE 2012) - SECRYPT
TI - Network-based Executable File Extraction and Analysis for Malware Detection
SN - 978-989-8565-24-2
IS - 2184-3236
AU - Kim, B.
AU - Kim, I.
AU - Chung, T.
PY - 2012
SP - 430
EP - 433
DO - 10.5220/0004126104300433
PB - SciTePress