Visual Analytics : Foundations and Experiences in Malware Analysis

Files
There are no files for this document.
Date
2018
Authors
Wagner, Markus
Rind, Alexander
Luh, Robert
Schrittwieser, Sebastian
Aigner, Wolfgang
Publication type
Contribution to an edited volume
Publication status
Published
Published in
BEN OTHMANE, Lotfi, ed. and others. Empirical Research for Software Security : Foundations and Experience. Boca Raton: Taylor & Francis, 2018, pp. 139-171. ISBN 978-1-4987-7641-7
Abstract

This chapter starts by providing some background in behavior-based malware analysis. Subsequently, it introduces VA and its main components based on the knowledge generation model for VA (Sacha et al., 2014). Then, it demonstrates the applicability of VA in this subfield of software security with three projects that illustrate practical experience of VA methods: MalwareVis (Zhuo et al., 2012) supports network forensics and malware analysis by visually assessing TCP and DNS network streams. SEEM (Gove et al., 2014) allows visual comparison of multiple large attribute sets of malware samples, thereby enabling bulk classification. KAMAS (Wagner et al., 2017) is a knowledge-assisted visualization system for behavior-based malware forensics enabled by API calls and system call traces. Future directions in visual analytics for malware analysis conclude the chapter.

Subject area (DDC)
004 Computer science
Keywords
data, interaction, knowledge generation, malware analysis, model, Visual analytics, Visualization
Cite
ISO 690
WAGNER, Markus, Dominik SACHA, Alexander RIND, Fabian FISCHER, Robert LUH, Sebastian SCHRITTWIESER, Daniel A. KEIM, Wolfgang AIGNER, 2018. Visual Analytics : Foundations and Experiences in Malware Analysis. In: BEN OTHMANE, Lotfi, ed. and others. Empirical Research for Software Security : Foundations and Experience. Boca Raton: Taylor & Francis, 2018, pp. 139-171. ISBN 978-1-4987-7641-7
BibTeX
@incollection{Wagner2018Visua-41330,
  year={2018},
  title={Visual Analytics : Foundations and Experiences in Malware Analysis},
  isbn={978-1-4987-7641-7},
  publisher={Taylor \& Francis},
  address={Boca Raton},
  booktitle={Empirical Research for Software Security : Foundations and Experience},
  pages={139--171},
  editor={ben Othmane, Lotfi},
  author={Wagner, Markus and Sacha, Dominik and Rind, Alexander and Fischer, Fabian and Luh, Robert and Schrittwieser, Sebastian and Keim, Daniel A. and Aigner, Wolfgang}
}
RDF
<rdf:RDF
    xmlns:dcterms="http://purl.org/dc/terms/"
    xmlns:dc="http://purl.org/dc/elements/1.1/"
    xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
    xmlns:bibo="http://purl.org/ontology/bibo/"
    xmlns:dspace="http://digital-repositories.org/ontologies/dspace/0.1.0#"
    xmlns:foaf="http://xmlns.com/foaf/0.1/"
    xmlns:void="http://rdfs.org/ns/void#"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema#" > 
  <rdf:Description rdf:about="https://kops.uni-konstanz.de/server/rdf/resource/123456789/41330">
    <void:sparqlEndpoint rdf:resource="http://localhost/fuseki/dspace/sparql"/>
    <dc:language>eng</dc:language>
    <dc:contributor>Fischer, Fabian</dc:contributor>
    <dc:contributor>Keim, Daniel A.</dc:contributor>
    <dc:date rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2018-02-14T09:44:31Z</dc:date>
    <dcterms:issued>2018</dcterms:issued>
    <dcterms:abstract xml:lang="eng">This chapter starts by providing some background in behavior-based malware analysis. Subsequently, it introduces VA and its main components based on the knowledge generation model for VA (Sacha et al., 2014). Then, it demonstrates the applicability of VA in this subfield of software security with three projects that illustrate practical experience of VA methods: MalwareVis (Zhuo et al., 2012) supports network forensics and malware analysis by visually assessing TCP and DNS network streams. SEEM (Gove et al., 2014) allows visual comparison of multiple large attribute sets of malware samples, thereby enabling bulk classification. KAMAS (Wagner et al., 2017) is a knowledge-assisted visualization system for behavior-based malware forensics enabled by API calls and system call traces. Future directions in visual analytics for malware analysis conclude the chapter.</dcterms:abstract>
    <dc:contributor>Rind, Alexander</dc:contributor>
    <dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/>
    <dc:contributor>Luh, Robert</dc:contributor>
    <dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/>
    <dc:creator>Aigner, Wolfgang</dc:creator>
    <dc:creator>Sacha, Dominik</dc:creator>
    <dc:creator>Rind, Alexander</dc:creator>
    <dc:creator>Luh, Robert</dc:creator>
    <dc:creator>Wagner, Markus</dc:creator>
    <dcterms:title>Visual Analytics : Foundations and Experiences in Malware Analysis</dcterms:title>
    <bibo:uri rdf:resource="https://kops.uni-konstanz.de/handle/123456789/41330"/>
    <dc:contributor>Wagner, Markus</dc:contributor>
    <dc:creator>Keim, Daniel A.</dc:creator>
    <foaf:homepage rdf:resource="http://localhost:8080/"/>
    <dc:contributor>Schrittwieser, Sebastian</dc:contributor>
    <dc:creator>Schrittwieser, Sebastian</dc:creator>
    <dc:creator>Fischer, Fabian</dc:creator>
    <dc:contributor>Aigner, Wolfgang</dc:contributor>
    <dc:contributor>Sacha, Dominik</dc:contributor>
    <dcterms:available rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2018-02-14T09:44:31Z</dcterms:available>
  </rdf:Description>
</rdf:RDF>
University bibliography
Yes