Classification of Malware Using Visualisation of Similarity Matrices

Sitalakshmi Venkatraman, Mamoun Alazab

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper published in Proceedings › Research › peer-review

Abstract

Malicious software (malware) attacks are on the rise with the explosion of Internet of Things (IoT) worldwide. With the proliferation of Big Data, it becomes a time-consuming process to use various automatic approaches and techniques that are available to detect and capture malware thoroughly. Visualisation techniques can support the malware analysis process for performing the similarity comparisons and summarisation of possible malware in such Big Data contexts. In this paper, we design a novel classification of malware using visualization of similarity matrices. The prime motivation of our proposal is to detect unknown malwares that undergo the innumerable obfuscations of extended x86 IA-32 (opcodes) in order to evade traditional detection methods. Overall, the high accuracy of classification achieved with our proposed model can be observed visually due to significant dissimilarity of the behaviour patterns exhibited by malware opcodes as compared to benign opcodes.

Original language: English
Title of host publication: Proceedings - 2017 Cybersecurity and Cyberforensics Conference, CCC 2017
Editors: Ameer Al-Nemrat, Mamoun Alazab
Publisher: IEEE, Institute of Electrical and Electronics Engineers
Pages: 3-8
Number of pages: 6
ISBN (Electronic): 9781538621431
ISBN (Print): 9781538621448
DOIs: https://doi.org/10.1109/CCC.2017.11
Publication status: Published - 9 Jan 2018
Externally published: Yes
Event: 2017 Cybersecurity and Cyberforensics Conference, CCC 2017 - London, United Kingdom
Duration: 21 Nov 2017 to 23 Nov 2017

Publication series

Name: Proceedings - 2017 Cybersecurity and Cyberforensics Conference, CCC 2017
Volume: 2018-September

Conference

Conference: 2017 Cybersecurity and Cyberforensics Conference, CCC 2017
Country: United Kingdom
City: London
Period: 21/11/17 to 23/11/17

Fingerprint

Visualization
Malware
Software
Explosions
Big data

Cite this

Venkatraman, S., & Alazab, M. (2018). Classification of Malware Using Visualisation of Similarity Matrices. In A. Al-Nemrat, & M. Alazab (Eds.), Proceedings - 2017 Cybersecurity and Cyberforensics Conference, CCC 2017 (pp. 3-8). (Proceedings - 2017 Cybersecurity and Cyberforensics Conference, CCC 2017; Vol. 2018-September). IEEE, Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/CCC.2017.11