@inproceedings{7155a4fd286549249eb2c69d4f2c10e3,
title = "Toward extracting malware features for classification using static and dynamic analysis",
abstract = "Because there is a great deal of malware, samples must be classified into malware families before being analyzed manually. Otherwise, we cannot analyze and handle them in real time. By classifying them, we can intensively analyze only some unknown malware. In this paper, we propose a framework for malware classification using static and dynamic analysis. We focus on techniques that extract malware features. We name the framework GATTACA (Genome-based ATTACk geneAlogy), after the movie that deals with the human genome. We define the features of malware as Mal-DNA (Malware DNA). Mal-DNA includes static, hybrid and dynamic characteristics. In short, GATTACA is a framework for extracting Mal-DNA from malware and classifying it. GATTACA consists of three components: (1) START (STatic Analyzer using vaRious Techniques) extracts the static Mal-DNA of malware. (2) DeBON (Debugging-based Behavior mOnitor and aNalyzer) extracts its hybrid and dynamic Mal-DNA. (3) CLAM (CLassifier using Mal-DNA) classifies malware based on Mal-DNA using machine learning. START and DeBON extract Mal-DNA, and CLAM classifies malware based on Mal-DNA. In this paper, we focus on START and DeBON, which extract Mal-DNA from malware.",
keywords = "Feature Extraction, Malware Classification",
author = "Choi, {Young Han} and Han, {Byoung Jin} and Bae, {Byung Chul} and Oh, {Hyung Geun} and Sohn, {Ki Wook}",
year = "2012",
language = "English",
isbn = "9788994364179",
series = "Proceedings - 2012 8th International Conference on Computing and Networking Technology (INC, ICCIS and ICMIC), ICCNT 2012",
pages = "126--129",
booktitle = "Proceedings - 2012 8th International Conference on Computing and Networking Technology (INC, ICCIS and ICMIC), ICCNT 2012",
note = "2012 8th International Conference on Computing and Networking Technology (INC, ICCIS and ICMIC), ICCNT 2012 ; Conference date: 27-08-2012 Through 29-08-2012",
}