Hierarchical Density-based Clustering of Malware Behaviour

Authors

  • Johari Abdullah, Faculty of Computer Science & Information Technology, Universiti Malaysia Sarawak, 94300, Kota Samarahan, Sarawak, Malaysia.
  • Navein Chanderan, Faculty of Computer Science & Information Technology, Universiti Malaysia Sarawak, 94300, Kota Samarahan, Sarawak, Malaysia.

Keywords:

Anomaly Detection, Automated Dynamic Malware Analysis, Clustering, Malware Behaviour

Abstract

The number and diversity of malware variants have grown exponentially over the years, and there is a need to improve the efficiency of analysing large numbers of malware samples. To address this problem, we propose a framework for the automatic analysis of a given malware’s dynamic properties using a clustering technique. The framework also provides outlier discovery, abnormal behaviour analysis and discrimination of malware variants. We also created a module for normalising malware labels based on the labels we get from VirusTotal, which provides consistent malware labels for accurate analysis of malware families and types. An evaluation model for the proposed framework is also discussed. Ultimately, the proposed framework will ensure rapid analysis of malware samples and lead to better protection for various parties against malware.


Published

2017-09-15

How to Cite

Abdullah, J., & Chanderan, N. (2017). Hierarchical Density-based Clustering of Malware Behaviour. Journal of Telecommunication, Electronic and Computer Engineering (JTEC), 9(2-10), 159–164. Retrieved from https://jtec.utem.edu.my/jtec/article/view/2720
