Skip to main content
Springer Nature Link
Log in

Experiments with Malware Visualization

  • Conference paper
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7591))

  • 2044 Accesses

Abstract

This paper proposes DotPlot visualizations [1,8] for comparing and clustering malware. We describe how to process and customize the malware memory images to get robust and scalable visualizations. We demonstrate the effectiveness of the visualizations for analysing, comparing and clustering malware.

This work has been supported by grant R-394-000-054-232.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Foote, J.: Visualizing Music and Audio using Self-Similarity. In: ACM Multimedia (1999)

    Google Scholar 

  2. Li, P., Liu, L., Gao, D., Reiter, M.K.: On Challenges in Evaluating Malware Clustering. In: Jha, S., Sommer, R., Kreibich, C. (eds.) RAID 2010. LNCS, vol. 6307, pp. 238–255. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  3. Maizel, J.V., Lenk, R.P.: Enhanced Graphic Matrix Analysis of Nucleic Acid and Protein Sequences. National Acad. of Science (1981)

    Google Scholar 

  4. Nataraj, L., Karthikeyan, S., Jacob, G., Manjunath, B.S.: Malware Images: Visualization and Automatic Classification. In: VizSec (2011)

    Google Scholar 

  5. Panas, T.: Signature Visualization of Software Binaries. In: SoftVis (2008)

    Google Scholar 

  6. Quist, D.A., Liebrock, L.M.: Visualizing Compiled Executables for Malware Analysis. In: VizSec (2009)

    Google Scholar 

  7. Trinius, P., Holz, T., Gobel, J., Freiling, F.C.: Visual Analysis of Malware Behavior Using Treemaps and Thread Graphs. In: VizSec (2009)

    Google Scholar 

  8. Wu, Y., Yap, R.H.C., Halim, F.: Visualizing Windows System Traces. In: SoftVis (2010)

    Google Scholar 

  9. Ramnath, R., Sufatrio, Yap, R.H.C., Wu, Y.: WinResMon: A Tool for Discovering Software Dependencies, Configuration and Requirements in Windows. In: LISA (2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Singapore University of Technology and Design, 20 Dover Drive, Singapore, 138682

    Yongzheng Wu

  2. School of Computing, National University of Singapore, 13 Computing Drive, Singapore, 117417

    Roland H. C. Yap

Authors
  1. Yongzheng Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Roland H. C. Yap
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department C, HFT Stuttgart, Schellingstr. 24, 70174, Stuttgart, Germany

    Ulrich Flegel

  2. Department of Computer Science, Foundation for Research and Technology – Hellas (FORTH), 100 Plastira Ave, Vassilika Vouton, 70013, Heraklion, Crete, Greece

    Evangelos Markatos

  3. College of Computer and Information Science, Northeastern University, 360 Huntington Ave, 02115, Boston, MA, USA

    William Robertson

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Wu, Y., Yap, R.H.C. (2013). Experiments with Malware Visualization. In: Flegel, U., Markatos, E., Robertson, W. (eds) Detection of Intrusions and Malware, and Vulnerability Assessment. DIMVA 2012. Lecture Notes in Computer Science, vol 7591. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-37300-8_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-37300-8_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-37299-5

  • Online ISBN: 978-3-642-37300-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics