Abstract
Recently, as the rapid development of the Internet has made it easy to download diverse files, the number of files downloaded from unreliable sources has been increasing. This improves accessibility to information, but it also leaves users with no defense against exposure to malware. This paper proposes a method that judges whether programs are malicious using Cuckoo Sandbox, a dynamic malware analysis system, and classifies them by comparing their dynamic API call counts against those of malware programs collected and classified in advance.
This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIP) (No. NRF-2016R1A2B1012652), the MSIP (Ministry of Science, ICT and Future Planning), Korea, under the ITRC (Information Technology Research Center) support program (IITP-2016-R2718-16-0035) supervised by the IITP (National IT Industry Promotion Agency), the Basic Science Research Program through the NRF funded by the Ministry of Education (NRF-2015R1C1A1A02037561), and the 2016 Yeungnam University Research Grant.
Copyright information
© 2017 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Kim, J., Lee, S., Youn, J.M., Choi, H. (2017). A Study of Simple Classification of Malware Based on the Dynamic API Call Counts. In: Park, J., Pan, Y., Yi, G., Loia, V. (eds) Advances in Computer Science and Ubiquitous Computing. UCAWSN CUTE CSA 2016 2016 2016. Lecture Notes in Electrical Engineering, vol 421. Springer, Singapore. https://doi.org/10.1007/978-981-10-3023-9_147
DOI: https://doi.org/10.1007/978-981-10-3023-9_147
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-3022-2
Online ISBN: 978-981-10-3023-9
eBook Packages: Engineering, Engineering (R0)