A Study on Similarity Comparison for File DNA-Based Metamorphic Malware Detection

  • Journal of The Korea Society of Computer and Information
  • Abbr : JKSCI
  • 2014, 19(1), pp.85-94
  • Publisher : The Korean Society Of Computer And Information
  • Research Area : Engineering > Computer Science

Eun-Gyeom Jang 1, 이상준 2, 이중인 3

1 대전대학교
2 평택대학교
3 리얼타임테크

Accredited

ABSTRACT

This paper studied a detection technique using file DNA-based behavior pattern analysis in order to minimize damage to user systems by malicious programs before a signature or security patch is released. The file DNA-based detection technique was applied to defend against zero-day attacks and to minimize false detections by remedying weaknesses of the conventional network-based packet detection technique and process-based detection technique. For the file DNA-based detection technique, abnormal behaviors of malware were split into network-related behaviors and process-related behaviors. The technique was employed to check and block crucial process and network behaviors operating in the user system according to fixed conditions, to analyze the similarity of malware behavior patterns based on the file DNA, in which process behaviors and network behaviors are mixed, and to respond rapidly through hazard warning and cut-off.
