Malfinder: Accelerated malware classification system through filtering on Manycore system

Taegyu Kim, Woomin Hwang, Chulmin Kim, Dong Jae Shin, Ki Woong Park, Kyu Ho Park

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Scopus citations

Abstract

Control flow matching methods have been utilized to detect malware variants. However, as the number of malware variants has soared, it has become harder and harder to detect all malware variants while maintaining high accuracy. Even though many researchers have proposed control flow matching methods, there is still a trade-off between accuracy and performance. To solve this trade-off, we designed Malfinder, a method based on approximate matching, which is accurate but slow. To overcome its low performance, we resolve its performance bottleneck and non-parallelism on three fronts: I-Filter for identical string matching, table division to exclude unnecessary comparisons with some malware and dynamic resource allocation for efficient parallelism. Our performance evaluation shows that the total performance improvement is 280.9 times.

Original language: English (US)
Title of host publication: ICISSP 2015 - 1st International Conference on Information Systems Security and Privacy, Proceedings
Editors: Olivier Camp, Edgar Weippl, Christophe Bidan, Esma Aimeur
Publisher: SciTePress
Pages: 17-26
Number of pages: 10
ISBN (Electronic): 9789897580819
State: Published - 2015
Event: 1st International Conference on Information Systems Security and Privacy, ICISSP 2015 - Angers, Loire Valley, France
Duration: Feb 9 2015 → Feb 11 2015

Publication series

Name: ICISSP 2015 - 1st International Conference on Information Systems Security and Privacy, Proceedings

Conference

Conference: 1st International Conference on Information Systems Security and Privacy, ICISSP 2015
Country/Territory: France
City: Angers, Loire Valley
Period: 2/9/15 → 2/11/15

All Science Journal Classification (ASJC) codes

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications
  • Computer Science Applications
  • Information Systems
