Type of Publication: | Contribution to a collection |
Publication status: | Published |
Author: | Wagner, Markus; Sacha, Dominik; Rind, Alexander; Fischer, Fabian; Luh, Robert; Schrittwieser, Sebastian; Keim, Daniel A.; Aigner, Wolfgang |
Year of publication: | 2018 |
Published in: | Empirical Research for Software Security : Foundations and Experience / ben Othmane, Lotfi et al. (ed.). - Boca Raton : Taylor & Francis, 2018. - pp. 139-171. - ISBN 978-1-4987-7641-7 |
Summary: |
This chapter starts by providing some background in behavior-based malware analysis. Subsequently, it introduces VA and its main components based on the knowledge generation model for VA (Sacha et al., 2014). Then, it demonstrates the applicability of VA in this subfield of software security with three projects that illustrate practical experience of VA methods: MalwareVis (Zhuo et al., 2012) supports network forensics and malware analysis by visually assessing TCP and DNS network streams. SEEM (Gove et al., 2014) allows visual comparison of multiple large attribute sets of malware samples, thereby enabling bulk classification. KAMAS (Wagner et al., 2017) is a knowledge-assisted visualization system for behavior-based malware forensics enabled by API calls and system call traces. Future directions in visual analytics for malware analysis conclude the chapter.
|
Subject (DDC): | 004 Computer Science |
Keywords: | data, interaction, knowledge generation, malware analysis, model, Visual analytics, Visualization |
Bibliography of Konstanz: | Yes |
Files | Size | Format | View |
---|---|---|---|
There are no files associated with this item. |
WAGNER, Markus, Dominik SACHA, Alexander RIND, Fabian FISCHER, Robert LUH, Sebastian SCHRITTWIESER, Daniel A. KEIM, Wolfgang AIGNER, 2018. Visual Analytics : Foundations and Experiences in Malware Analysis. In: BEN OTHMANE, Lotfi, ed. and others. Empirical Research for Software Security : Foundations and Experience. Boca Raton: Taylor & Francis, pp. 139-171. ISBN 978-1-4987-7641-7
@incollection{Wagner2018Visua-41330, title={Visual Analytics : Foundations and Experiences in Malware Analysis}, year={2018}, isbn={978-1-4987-7641-7}, address={Boca Raton}, publisher={Taylor & Francis}, booktitle={Empirical Research for Software Security : Foundations and Experience}, pages={139--171}, editor={ben Othmane, Lotfi}, author={Wagner, Markus and Sacha, Dominik and Rind, Alexander and Fischer, Fabian and Luh, Robert and Schrittwieser, Sebastian and Keim, Daniel A. and Aigner, Wolfgang} }
<rdf:RDF xmlns:dcterms="http://purl.org/dc/terms/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:bibo="http://purl.org/ontology/bibo/" xmlns:dspace="http://digital-repositories.org/ontologies/dspace/0.1.0#" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:void="http://rdfs.org/ns/void#" xmlns:xsd="http://www.w3.org/2001/XMLSchema#" > <rdf:Description rdf:about="https://kops.uni-konstanz.de/rdf/resource/123456789/41330"> <dc:creator>Schrittwieser, Sebastian</dc:creator> <dc:contributor>Fischer, Fabian</dc:contributor> <dc:contributor>Keim, Daniel A.</dc:contributor> <dcterms:available rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2018-02-14T09:44:31Z</dcterms:available> <dc:creator>Keim, Daniel A.</dc:creator> <dc:contributor>Rind, Alexander</dc:contributor> <void:sparqlEndpoint rdf:resource="http://localhost/fuseki/dspace/sparql"/> <dcterms:abstract xml:lang="eng">This chapter starts by providing some background in behavior-based malware analysis. Subsequently, it introduces VA and its main components based on the knowledge generation model for VA (Sacha et al., 2014). Then, it demonstrates the applicability of VA in this subfield of software security with three projects that illustrate practical experience of VA methods: MalwareVis (Zhuo et al., 2012) supports network forensics and malware analysis by visually assessing TCP and DNS network streams. SEEM (Gove et al., 2014) allows visual comparison of multiple large attribute sets of malware samples, thereby enabling bulk classification. KAMAS (Wagner et al., 2017) is a knowledge-assisted visualization system for behavior-based malware forensics enabled by API calls and system call traces. 
Future directions in visual analytics for malware analysis conclude the chapter.</dcterms:abstract> <dc:creator>Luh, Robert</dc:creator> <dcterms:issued>2018</dcterms:issued> <dc:creator>Wagner, Markus</dc:creator> <dc:contributor>Luh, Robert</dc:contributor> <dc:creator>Fischer, Fabian</dc:creator> <dc:contributor>Schrittwieser, Sebastian</dc:contributor> <dc:contributor>Sacha, Dominik</dc:contributor> <dc:contributor>Aigner, Wolfgang</dc:contributor> <dcterms:title>Visual Analytics : Foundations and Experiences in Malware Analysis</dcterms:title> <dc:creator>Aigner, Wolfgang</dc:creator> <dc:language>eng</dc:language> <bibo:uri rdf:resource="https://kops.uni-konstanz.de/handle/123456789/41330"/> <dc:creator>Rind, Alexander</dc:creator> <dc:creator>Sacha, Dominik</dc:creator> <dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/rdf/resource/123456789/36"/> <foaf:homepage rdf:resource="http://localhost:8080/jspui"/> <dc:contributor>Wagner, Markus</dc:contributor> <dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/rdf/resource/123456789/36"/> <dc:date rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2018-02-14T09:44:31Z</dc:date> </rdf:Description> </rdf:RDF>