Abstract :
Computers and internet-based technologies are an essential aspect of modern life. Numerous network architectures are used to connect computers, and occasionally a particular network or machine is attacked by malicious software, or malware. These attacks can have many negative outcomes, such as system damage, data theft, performance deterioration, spamming, and more. Malware comes in a variety of forms, including viruses, worms, spyware, rootkits, and many more. Every year, millions of new malware samples are sent to antivirus research firms. The ever-increasing number of malware samples makes it impossible to examine each one separately. This results in a low detection rate of fresh malware samples, because the propagation of malware signatures is delayed. Researchers from Symantec Labs created MutantX-S, a scalable malware categorization framework, to address this problem. MutantX-S is able to efficiently group samples according to how similar they are to one another. This framework offers a scalable solution for handling the enormous volume of malware that exists in the wild. MutantX-S is designed to enhance current dynamic behavior-based systems rather than replace them, in order to improve malware program coverage and clustering accuracy [1].
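The abstract says MutantX-S groups samples by similarity using static features, and the keywords name N-grams, hashing and clustering. The block below is an added illustration of that pipeline, not code from the MutantX-S paper or from Symantec: it assumes opcode N-grams as the static feature, feature hashing into a fixed-length vector, and a greedy prototype clustering by cosine similarity. The sample names and opcode sequences are constructed, and SHA-256 stands in for a fast non-cryptographic hash such as the MurmurHash listed in the references.

```python
import hashlib
import math
from collections import defaultdict

# Constructed inputs: short opcode sequences standing in for the static
# disassembly of four binaries. Names and sequences are invented for the example.
SAMPLES = {
    "sample_a": ["push", "mov", "call", "test", "jz", "mov", "call", "ret"],
    "sample_b": ["push", "mov", "call", "test", "jz", "mov", "call", "ret", "nop"],
    "sample_c": ["xor", "lea", "loop", "xor", "lea", "loop", "jmp"],
    "sample_d": ["xor", "lea", "loop", "xor", "lea", "loop", "jmp", "ret"],
}


def ngrams(opcodes, n=2):
    """Sliding window of n consecutive opcodes, returned as tuples."""
    return [tuple(opcodes[i:i + n]) for i in range(len(opcodes) - n + 1)]


def hash_features(grams, buckets=1024):
    """Feature hashing: each n-gram increments one of `buckets` counters, so every
    sample gets a vector of the same length no matter how many distinct n-grams
    appear in the corpus. SHA-256 is used only for portability; a fast hash such as
    MurmurHash is the usual choice in practice."""
    vec = [0.0] * buckets
    for gram in grams:
        digest = hashlib.sha256("|".join(gram).encode()).digest()
        vec[int.from_bytes(digest[:4], "big") % buckets] += 1.0
    return vec


def cosine(u, v):
    """Cosine similarity between two equal-length vectors (0.0 if either is empty)."""
    dot = sum(a * b for a, b in zip(u, v))
    norm_u = math.sqrt(sum(a * a for a in u))
    norm_v = math.sqrt(sum(b * b for b in v))
    if norm_u == 0.0 or norm_v == 0.0:
        return 0.0
    return dot / (norm_u * norm_v)


def cluster(vectors, threshold=0.6):
    """Greedy prototype clustering: a sample joins the cluster whose prototype (the
    cluster's first member) is most similar, provided that similarity reaches the
    threshold; otherwise it becomes a new prototype. One pass over the samples,
    comparing each only against prototypes rather than against every sample."""
    prototypes = []  # (name, vector) pairs
    clusters = defaultdict(list)
    for name, vec in vectors.items():
        best_name, best_sim = None, 0.0
        for proto_name, proto_vec in prototypes:
            sim = cosine(vec, proto_vec)
            if sim > best_sim:
                best_name, best_sim = proto_name, sim
        if best_name is not None and best_sim >= threshold:
            clusters[best_name].append(name)
        else:
            prototypes.append((name, vec))
            clusters[name].append(name)
    return {proto: sorted(members) for proto, members in clusters.items()}


def cluster_samples(samples=SAMPLES, n=2, buckets=1024, threshold=0.6):
    """End-to-end: opcode sequences -> n-grams -> hashed vectors -> clusters."""
    vectors = {name: hash_features(ngrams(ops, n), buckets) for name, ops in samples.items()}
    return cluster(vectors, threshold)


if __name__ == "__main__":
    for proto, members in cluster_samples().items():
        print(f"prototype {proto}: {members}")
```

The threshold and bucket count are the two knobs a practitioner tunes: a larger bucket count reduces hash collisions between unrelated n-grams at the cost of memory, and a lower threshold merges more variants into one cluster, trading precision for fewer clusters to triage.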
Keywords :
Clustering, Hashing, Malware, MutantX-S, N-gram
References :
- Faruki, P., Bhan, R., Jain, V., Bhatia, S., El Madhoun, N., & Pamula, R. (2023). A survey and evaluation of Android-based malware evasion techniques and detection frameworks. Information, 14, 374.
- Chhabra, A., Masalkovaitė, K., & Mohapatra, P. (2021). An overview of fairness in clustering. IEEE Access, 9, 130698-130720.
- Poornima, S., & Subramanian, T. (2022). Evolution of deep quantum learning models based on comprehensive survey on effective malware identification and analysis. In Artificial Intelligence, Machine Learning and Blockchain in Quantum Satellite, Drone and Network (pp. 83-105).
- Nadim, M., Lee, W., & Akopian, D. (2023). Kernel-level rootkit detection, prevention and behavior profiling: A taxonomy and survey. arXiv preprint arXiv:2304.00473.
- Haq, I. U., & Caballero, J. (2021). A survey of binary code similarity. ACM Computing Surveys, 54(3), 1-38.
- Balande, B. B., Kolte, D. M., Manza, R. R., & Revate, S. S. (2023, November). Literature review on N-gram text classification models for hotel reviews sentiment analysis. In International Conference on Computational Intelligence (pp. 641-655). Singapore: Springer Nature Singapore.
- Bayer, U., Comparetti, P., Hlauschek, C., Kruegel, C., & Kirda, E. (2009). Scalable, behavior-based malware clustering. In Proceedings of the 16th Network and Distributed System Security Symposium (NDSS).
- Hu, X., Bhatkar, S., Griffin, K., & Shin, K. G. (2013). MutantX-S: Scalable malware clustering based on static features. In Proceedings of the USENIX Annual Technical Conference.
- Kruegel, C., Robertson, W., Valeur, F., & Vigna, G. (2004). Static disassembly of obfuscated binaries. In Proceedings of the 13th USENIX Security Symposium.
- Raber, J., & Laspe, E. (2007). Deobfuscator: An automated approach to the identification and removal of code obfuscation. In Working Conference on Reverse Engineering.
- Rieck, K., Trinius, P., Willems, C., & Holz, T. (2009). Automatic analysis of malware behavior using machine learning. Technical report, Berlin Institute of Technology.
- Udupa, S. K., Debray, S. K., & Madou, M. (2005). Deobfuscation: Reverse engineering obfuscated code. In Working Conference on Reverse Engineering.
- Yason, M. (2007). The art of unpacking. Black Hat USA. http://www.blackhat.com/presentations/bh-usa-07/yason/whitepaper/bh-usa-07-yason-wp.pdf
- MurmurHash 2.0. http://sites.google.com/site/murmurhash
- PEiD 0.95: Packer, cryptor, compiler detector (2008). http://www.peid.info
- IDA Pro Interactive Disassembler. https://www.hex-rays.com/products/ida/