Title: Static Analysis and Clustering of Malware Applying Text Based Search

Year of Publication: 2013
Page Numbers: 188-193
Authors: Mudhi Aljamea, Vida Ghanaei, Costas S. Iliopoulos, Richard E Overill
Conference Name: The International Conference on Digital Information Processing, E-Business and Cloud Computing (DIPECC2013), United Arab Emirates


Malware is computer software with harmful intent toward both computers and networks. Anti-virus companies receive an extensive number of malware variants daily, so there is an essential need to automatically cluster malware variants into their corresponding families in order to reduce the effort and time spent on manual analysis. Because malware variants that belong to the same family share a certain amount of code, we classify them into the same cluster based on the shared features that we extract from them. In this paper we propose a static analysis approach using a text-based search technique, control flow graphs, hashing, and machine learning to cluster malware variants accordingly. This is ongoing work, but we explain our methodology and the preliminary results achieved.