Visual Analytics : Foundations and Experiences in Malware Analysis

Publikationstyp: Beitrag zu einem Sammelband
Publikationsstatus: Published
Autor/innen: Wagner, Markus; Sacha, Dominik; Rind, Alexander; Fischer, Fabian; Luh, Robert; Schrittwieser, Sebastian; Keim, Daniel A.; Aigner, Wolfgang
Erscheinungsjahr: 2018
Erschienen in: Empirical Research for Software Security : Foundations and Experience / ben Othmane, Lotfi et al. (Hrsg.). - Boca Raton : Taylor & Francis, 2018. - S. 139-171. - ISBN 978-1-4987-7641-7
Zusammenfassung:
This chapter starts by providing some background in behavior-based malware analysis. Subsequently, it introduces VA and its main components based on the knowledge generation model for VA (Sacha et al., 2014). Then, it demonstrates the applicability of VA in in this subfield of software security with three projects that illustrate practical experience of VA methods: MalwareVis (Zhuo et al., 2012) supports network forensics and malware analysis by visually assessing TCP and DNS network streams. SEEM (Gove et al., 2014) allows visual comparison of multiple large attribute sets of malware samples, thereby enabling bulk classification. KAMAS (Wagner et al. 2017) is a knowledge-assisted visualization system for behavior-based malware forensics enabled by API calls and system call traces. Future directions in visual analytics for malware analysis conclude the chapter.
Fachgebiet (DDC): 004 Informatik
Schlagwörter: data, interaction, knowledge generation, malware analysis, model, Visual analytics, Visualization
Universitätsbibliographie: Ja

Zitieren

Dateien zu dieser Ressource

Dateien Größe Format Anzeige

Zu diesem Dokument gibt es keine Dateien.

WAGNER, Markus, Dominik SACHA, Alexander RIND, Fabian FISCHER, Robert LUH, Sebastian SCHRITTWIESER, Daniel A. KEIM, Wolfgang AIGNER, 2018. Visual Analytics : Foundations and Experiences in Malware Analysis. In: BEN OTHMANE, Lotfi, ed. and others. Empirical Research for Software Security : Foundations and Experience. Boca Raton:Taylor & Francis, pp. 139-171. ISBN 978-1-4987-7641-7

@incollection{Wagner2018Visua-41330, title={Visual Analytics : Foundations and Experiences in Malware Analysis}, year={2018}, isbn={978-1-4987-7641-7}, address={Boca Raton}, publisher={Taylor & Francis}, booktitle={Empirical Research for Software Security : Foundations and Experience}, pages={139--171}, editor={ben Othmane, Lotfi}, author={Wagner, Markus and Sacha, Dominik and Rind, Alexander and Fischer, Fabian and Luh, Robert and Schrittwieser, Sebastian and Keim, Daniel A. and Aigner, Wolfgang} }

<rdf:RDF xmlns:dcterms="http://purl.org/dc/terms/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:bibo="http://purl.org/ontology/bibo/" xmlns:dspace="http://digital-repositories.org/ontologies/dspace/0.1.0#" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:void="http://rdfs.org/ns/void#" xmlns:xsd="http://www.w3.org/2001/XMLSchema#" > <rdf:Description rdf:about="https://kops.uni-konstanz.de/rdf/resource/123456789/41330"> <dc:creator>Schrittwieser, Sebastian</dc:creator> <dc:contributor>Fischer, Fabian</dc:contributor> <dc:contributor>Keim, Daniel A.</dc:contributor> <dcterms:available rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2018-02-14T09:44:31Z</dcterms:available> <dc:creator>Keim, Daniel A.</dc:creator> <dc:contributor>Rind, Alexander</dc:contributor> <void:sparqlEndpoint rdf:resource="http://localhost/fuseki/dspace/sparql"/> <dcterms:abstract xml:lang="eng">This chapter starts by providing some background in behavior-based malware analysis. Subsequently, it introduces VA and its main components based on the knowledge generation model for VA (Sacha et al., 2014). Then, it demonstrates the applicability of VA in in this subfield of software security with three projects that illustrate practical experience of VA methods: MalwareVis (Zhuo et al., 2012) supports network forensics and malware analysis by visually assessing TCP and DNS network streams. SEEM (Gove et al., 2014) allows visual comparison of multiple large attribute sets of malware samples, thereby enabling bulk classification. KAMAS (Wagner et al. 2017) is a knowledge-assisted visualization system for behavior-based malware forensics enabled by API calls and system call traces. Future directions in visual analytics for malware analysis conclude the chapter.</dcterms:abstract> <dc:creator>Luh, Robert</dc:creator> <dcterms:issued>2018</dcterms:issued> <dc:creator>Wagner, Markus</dc:creator> <dc:contributor>Luh, Robert</dc:contributor> <dc:creator>Fischer, Fabian</dc:creator> <dc:contributor>Schrittwieser, Sebastian</dc:contributor> <dc:contributor>Sacha, Dominik</dc:contributor> <dc:contributor>Aigner, Wolfgang</dc:contributor> <dcterms:title>Visual Analytics : Foundations and Experiences in Malware Analysis</dcterms:title> <dc:creator>Aigner, Wolfgang</dc:creator> <dc:language>eng</dc:language> <bibo:uri rdf:resource="https://kops.uni-konstanz.de/handle/123456789/41330"/> <dc:creator>Rind, Alexander</dc:creator> <dc:creator>Sacha, Dominik</dc:creator> <dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/rdf/resource/123456789/36"/> <foaf:homepage rdf:resource="http://localhost:8080/jspui"/> <dc:contributor>Wagner, Markus</dc:contributor> <dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/rdf/resource/123456789/36"/> <dc:date rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2018-02-14T09:44:31Z</dc:date> </rdf:Description> </rdf:RDF>

Das Dokument erscheint in:

KOPS Suche


Stöbern

Mein Benutzerkonto