Fuzzy Markup Language for Malware Behavioral Analysis

  • Hsien-De Huang
  • Giovanni Acampora
  • Vincenzo Loia
  • Chang-Shing Lee
  • Hani Hagras
  • Mei-Hui Wang
  • Hung-Yu Kao
  • Jee-Gong Chang
Part of the Studies in Fuzziness and Soft Computing book series (STUDFUZZ, volume 296)

Abstract

In recent years, antimalware applications have been one of the most important research topics in the area of network security threats. In addition, malware has become an increasingly important problem for governments and commercial organizations. The key point of research on network security is to judge and validate the similarity metrics among malicious software. Indeed, most computer network issues are also caused by malware. As a consequence, an enhanced system to analyze the behavior of malware is needed to try to predict malicious actions and to minimize the damage malware causes to computers. However, conventional data analysis tools lack the ability to deal with computer safety because the environments in which malware operates have high levels of imprecision and vagueness. For this reason, we have developed Taiwan Malware Analysis Net (TWMAN) to improve the accuracy of malware behavioral analysis. This chapter tries to explore and deal with these computer security and safety issues by integrating semantic technologies and computational intelligence methods, such as fuzzy ontologies and the fuzzy markup language (FML). With the proposed approach, malware identification has achieved good performance according to the experimental results.


Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Hsien-De Huang (1)
  • Giovanni Acampora (2)
  • Vincenzo Loia (3)
  • Chang-Shing Lee (4)
  • Hani Hagras (5)
  • Mei-Hui Wang (4)
  • Hung-Yu Kao (6)
  • Jee-Gong Chang (1)

  1. National Center for High-Performance Computing, Hsinchu, Taiwan
  2. School of Industrial Engineering, Information Systems, Eindhoven University of Technology, Eindhoven, The Netherlands
  3. Department of Computer Science, University of Salerno, Fisciano, Italy
  4. Dept. of Computer Science and Information Engineering, National University of Tainan, Tainan, Taiwan
  5. The Computational Intelligence Centre, School of Computer Science and Electronic Engineering, University of Essex, Essex, UK
  6. Dept. of Computer Science and Information Engineering, National Cheng Kung University, Tainan, Taiwan
