Feature-Driven Formal Concept Analysis for Malware Hierarchy Construction

  • Conference paper
Multi-disciplinary Trends in Artificial Intelligence (MIWAI 2015)

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 9426)

Abstract

As the number of computer viruses has been increasing rapidly, automatic classification of viruses into a concept hierarchy is one of the emerging issues in the malware research community. Among various approaches, Formal Concept Analysis (FCA) is a well-known technique which is capable of producing a concept lattice/hierarchy from a formal concept. However, the traditional approach of concept representation offered by FCA is not enough to capture the semantics of virus behaviors.

In recent literature, the operational mechanism of a virus has often been represented by temporal logic for formal analysis. This motivates us to extend FCA into F-FCA (Feature-driven FCA) to overcome the discussed problem. In F-FCA, each formal object and concept is associated with a temporal logic formula. We also introduce an on-the-fly algorithm, known as FOCA, to generate a concept hierarchy on F-FCA by means of an object-joining operator. Experiments on a real dataset of 3000 virus samples demonstrate the efficiency of our approach, as compared to the traditional approach.

Notes

  1. Detailed discussion of obfuscation techniques is beyond the scope of this paper.

  2. In this paper, we do not discuss the traditional FCA technique in detail; interested readers can refer to [7].

  3. http://vxheaven.org/.

References

  1. Muttik, I.: Silicon implants. Virus Bulletin, pp. 8–10 (1997)

  2. Szor, P.: Advanced code evolution techniques and computer virus generator kits. The Art of Computer Virus Research and Defense (2005)

  3. Kinder, J., Katzenbeisser, S., Schallhart, C., Veith, H.: Detecting Malicious Code by Model Checking. In: Julisch, K., Kruegel, C. (eds.) DIMVA 2005. LNCS, vol. 3548, pp. 174–187. Springer, Heidelberg (2005)

  4. Song, F., Touili, T.: Efficient malware detection using model-checking. In: Giannakopoulou, D., Méry, D. (eds.) FM 2012. LNCS, vol. 7436, pp. 418–433. Springer, Heidelberg (2012)

  5. Song, F., Touili, T.: Pushdown model checking for malware detection. Int. J. Softw. Tools Technol. Transfer 16(2), 147–173 (2014)

  6. Huth, M., Ryan, M.: Logic in Computer Science: Modelling and reasoning about systems. Cambridge University Press (2004)

  7. Ganter, B., Wille, R., Wille, R.: Formal concept analysis, vol. 284. Springer, Berlin (1999)

  8. Coste, F., Garet, G., Groisillier, A., Nicolas, J., Tonon, T.: Automated enzyme classification by formal concept analysis. In: Glodeanu, C.V., Kaytoue, M., Sacarea, C. (eds.) ICFCA 2014. LNCS, vol. 8478, pp. 235–250. Springer, Heidelberg (2014)

  9. Obiedkov, S.: Modeling Ceteris Paribus preferences in formal concept analysis. In: Cellier, P., Distel, F., Ganter, B. (eds.) ICFCA 2013. LNCS, vol. 7880, pp. 188–202. Springer, Heidelberg (2013)

  10. Dubois, D., Prade, H.: Possibility theory and formal concept analysis: characterizing independent sub-contexts. Fuzzy Sets Syst. 196, 4–16 (2012)

  11. Lee, C., Jeon, J., Park, Y.: Monitoring trends of technological changes based on the dynamic patent lattice: a modified formal concept analysis approach. Technol. Forecast. Soc. Chang. 78(4), 690–702 (2011)

  12. Du, Y., Li, H.: Strategy for mining association rules for web pages based on formal concept analysis. Appl. Soft Comput. 10(3), 772–783 (2010)

  13. Elzinga, P., Poelmans, J., Viaene, S., Dedene, G., Morsing, S.: Terrorist threat assessment with formal concept analysis. In: IEEE International Conference on Intelligence and Security Informatics (ISI), pp. 77–82. IEEE (2010)

  14. Dufour-Lussier, V., Lieber, J., Nauer, E., Toussaint, Y.: Text adaptation using formal concept analysis. In: Bichindaritz, I., Montani, S. (eds.) ICCBR 2010. LNCS, vol. 6176, pp. 96–110. Springer, Heidelberg (2010)

  15. He, N., Rümmer, P., Kroening, D.: Test-case generation for embedded simulink via formal concept analysis. In: Proceedings of the 48th Design Automation Conference, pp. 224–229. ACM (2011)

  16. Doerfel, S., Jäschke, R., Stumme, G.: Publication analysis of the formal concept analysis community. In: Domenach, F., Ignatov, D.I., Poelmans, J. (eds.) ICFCA 2012. LNCS, vol. 7278, pp. 77–95. Springer, Heidelberg (2012)

  17. Zhang, G.-Q.: Chu spaces, concept lattices, and domains. Electron. Notes Theor. Comput. Sci. 83, 287–302 (2013)

  18. Ganter, B.: Two basic algorithms in concept analysis. In: Kwuida, L., Sertkaya, B. (eds.) ICFCA 2010. LNCS, vol. 5986, pp. 312–340. Springer, Heidelberg (2010)

  19. Poshyvanyk, D., Gethers, M., Marcus, A.: Concept location using formal concept analysis and information retrieval. ACM Trans. Software Eng. Methodol. (TOSEM) 21(4), 23 (2012)

  20. Wang, L., Liu, X., Cao, J.: A new algebraic structure for formal concept analysis. Inf. Sci. 180(24), 4865–4876 (2010)

  21. Duquenne, V.: Contextual implications between attributes and some representation properties for finite lattices. In: Cellier, P., Distel, F., Ganter, B. (eds.) ICFCA 2013. LNCS, vol. 7880, pp. 1–27. Springer, Heidelberg (2013)

  22. Obiedkov, S.: Modeling preferences over attribute sets in formal concept analysis. In: Domenach, F., Ignatov, D.I., Poelmans, J. (eds.) ICFCA 2012. LNCS, vol. 7278, pp. 227–243. Springer, Heidelberg (2012)

  23. Belohlavek, R., Vychodil, V.: Formal concept analysis and linguistic hedges. Int. J. Gen Syst. 41(5), 503–532 (2012)

  24. Quan, T.T., Hui, S.C., Cao, T.H.: A Fuzzy FCA-based Approach to Conceptual Clustering for Automatic Generation of Concept Hierarchy on Uncertainty Data. In: CLA, pp. 1–12 (2004)

  25. Chu, W.W., Chiang, K.: Abstraction of High Level Concepts from Numerical Values in Databases. In: KDD Workshop, pp. 133–144. Citeseer (1994)

  26. Nanas, N., Uren, V., De Roeck, A.: Building and applying a concept hierarchy representation of a user profile. In: Proceedings of the 26th annual international ACM SIGIR conference on Research and development in information retrieval, pp. 198–204. ACM (2003)

Author information

Correspondence to Nguyen Thien Binh, Tran Cong Doi or Quan Thanh Tho.

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Binh, N.T., Doi, T.C., Tho, Q.T., Hai, N.M. (2015). Feature-Driven Formal Concept Analysis for Malware Hierarchy Construction. In: Bikakis, A., Zheng, X. (eds) Multi-disciplinary Trends in Artificial Intelligence. MIWAI 2015. Lecture Notes in Computer Science, vol 9426. Springer, Cham. https://doi.org/10.1007/978-3-319-26181-2_36

  • DOI: https://doi.org/10.1007/978-3-319-26181-2_36

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-26180-5

  • Online ISBN: 978-3-319-26181-2

  • eBook Packages: Computer Science (R0)
