
A Study of Simple Classification of Malware Based on the Dynamic API Call Counts

  • Conference paper
Advances in Computer Science and Ubiquitous Computing (UCAWSN 2016, CUTE 2016, CSA 2016)

Abstract

As the rapid development of the Internet has made it easy to download diverse files, the number of files downloaded from unreliable sources has been increasing. This improves access to information, but it also leaves users with no defense against exposure to malware. This paper proposes a method that uses Cuckoo Sandbox, a dynamic malware analysis system, to judge whether a program is malicious and to classify it by comparing its dynamic API call counts with those of malware programs collected and classified in advance.

This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIP) (No. NRF-2016R1A2B1012652), the MSIP (Ministry of Science, ICT and Future Planning), Korea, under the ITRC (Information Technology Research Center) support program (IITP-2016-R2718-16-0035) supervised by the IITP (National IT Industry Promotion Agency), the Basic Science Research Program through the NRF funded by the Ministry of Education (NRF-2015R1C1A1A02037561) and the 2016 Yeungnam University Research Grant.



Corresponding author

Correspondence to Jonghee M. Youn.


Copyright information

© 2017 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Kim, J., Lee, S., Youn, J.M., Choi, H. (2017). A Study of Simple Classification of Malware Based on the Dynamic API Call Counts. In: Park, J., Pan, Y., Yi, G., Loia, V. (eds) Advances in Computer Science and Ubiquitous Computing. UCAWSN CUTE CSA 2016 2016 2016. Lecture Notes in Electrical Engineering, vol 421. Springer, Singapore. https://doi.org/10.1007/978-981-10-3023-9_147


  • DOI: https://doi.org/10.1007/978-981-10-3023-9_147


  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-3022-2

  • Online ISBN: 978-981-10-3023-9

  • eBook Packages: Engineering, Engineering (R0)
