Lookup NU author(s): Dr Deepayan Bhowmik
Full text for this publication is not currently held within this repository. Alternative links are provided below where available.
© 2022 IEEE. The exponential rise of the Internet increases the risk of cyber-attack-related incidents, which are generally caused by the widespread frequency of new malware generation. Different types of malware families have complex, dynamic behaviours and characteristics which can cause a novel and targeted attack in a cyber-system. The existence of a large volume of malware types with frequent new additions hinders cyber resilience efforts. To address the gap, we propose a new ontology-driven framework that captures recent malware behaviours. According to code structure, malware can be divided into three categories: basic, polymorphic and metamorphic. Packing or code obfuscation is also a technique adopted by malware developers to make the code unreadable and avoid detection. Given that ontology techniques are useful to express domain knowledge meaningfully, this paper aims to develop an ontology for dynamic analysis of malware behaviour and to capture metamorphic and polymorphic malware behaviour. This will be helpful to understand malicious behaviour exhibited by new-generation malware samples and changes in their code structure. The proposed framework includes 14 malware families with their sub-families and 3 types of malware code-structure with their individuals. With a focus on malware behaviour, the proposed ontology depicts the relations among malware families and malware code-structures with their respective behaviour.
Author(s): Chowdhury IR, Bhowmik D
Publication type: Conference Proceedings (inc. Abstract)
Publication status: Published
Conference Name: IEEE Conference on Dependable and Secure Computing (DSC 2022)
Year of Conference: 2022
Online publication date: 26/09/2022
Acceptance date: 02/04/2018