
A Method for Efficient Malicious Code Detection Based on Conceptual Similarity

  • Sungsuk Kim
  • Chang Choi
  • Junho Choi
  • Pankoo Kim
  • Hanil Kim
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3983)

Abstract

Many techniques have been applied to the detection of malicious behavior. However, the techniques currently used in practice face the challenge of many variations of the original malicious behavior, and it is impossible to respond to new forms of behavior appropriately and in a timely manner. To address these problems, we suggest a new method to improve the current situation. We use conceptual graphs to define malicious behavior, and we can then compare the similarity relations of malicious behavior by testing the formalized values generated by the predefined graphs in the code. In this paper, we show how to make a conceptual graph and propose an efficient similarity measure for discerning malicious behavior. In our experiment, we obtain a more efficient detection rate. The method can be used to detect malicious code in the script-based programming environments of many kinds of embedded systems or telematics systems.



Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Sungsuk Kim (1)
  • Chang Choi (1)
  • Junho Choi (2)
  • Pankoo Kim (2)
  • Hanil Kim (3)

  1. Dept. of Computer Science, Chosun University, Gwangju, Korea
  2. Dept. of Computer Engineering, Chosun University, Gwangju, Korea
  3. Dept. of Computer Education, Cheju National University, Cheju, Korea
