Machine learning for attack vector identification in malicious source code

Victor A. Benjamin, Hsinchun Chen

Research output: Chapter in Book/Report/Conference proceedingConference contribution

16 Scopus citations

Abstract

As computers and information technologies become ubiquitous throughout society, the security of our networks and information technologies is a growing concern. As a result, many researchers have become interested in the security domain. Among them, there is growing interest in observing hacker communities for early detection of developing security threats and trends. Research in this area has often reported hackers openly sharing cybercriminal assets and knowledge with one another. In particular, the sharing of raw malware source code files has been documented in past work. Unfortunately, malware code documentation appears often times to be missing, incomplete, or written in a language foreign to researchers. Thus, analysis of such source files embedded within hacker communities has been limited. Here we utilize a subset of popular machine learning methodologies for the automated analysis of malware source code files. Specifically, we explore genetic algorithms to resolve questions related to feature selection within the context of malware analysis. Next, we utilize two common classification algorithms to test selected features for identification of malware attack vectors. Results suggest promising direction in utilizing such techniques to help with the automated analysis of malware source code.

Original languageEnglish (US)
Title of host publicationIEEE ISI 2013 - 2013 IEEE International Conference on Intelligence and Security Informatics
Subtitle of host publicationBig Data, Emergent Threats, and Decision-Making in Security Informatics
Pages21-23
Number of pages3
DOIs
StatePublished - 2013
Event11th IEEE International Conference on Intelligence and Security Informatics, IEEE ISI 2013 - Seattle, WA, United States
Duration: Jun 4 2013Jun 7 2013

Publication series

NameIEEE ISI 2013 - 2013 IEEE International Conference on Intelligence and Security Informatics: Big Data, Emergent Threats, and Decision-Making in Security Informatics

Other

Other11th IEEE International Conference on Intelligence and Security Informatics, IEEE ISI 2013
Country/TerritoryUnited States
CitySeattle, WA
Period6/4/136/7/13

Keywords

  • Cyber security
  • Malware analysis
  • Static analysis

ASJC Scopus subject areas

  • Artificial Intelligence
  • Information Systems

Fingerprint

Dive into the research topics of 'Machine learning for attack vector identification in malicious source code'. Together they form a unique fingerprint.

Cite this