Volume 8 Number 10 (Oct. 2013)
JCP 2013 Vol.8(10): 2469-2477 ISSN: 1796-203X
doi: 10.4304/jcp.8.10.2469-2477

A Malware Variant Detection Method Based on Byte Randomness Test

Shuhui Qi, Ming Xu, and Ning Zheng
Internet and Network Security Laboratory, Institute of Computer Science, Hangzhou Dianzi University Hangzhou, China

Abstract—Malware variants, the different members of the same malware family, are generally produced by simply modifying existing malware in order to avoid detection by traditional signature-based methods. The mass of malware variants has made malicious code much more difficult to detect. In this paper, a malware variant detection method based on byte randomness tests is proposed. The byte distribution values of the instruction sequences obtained from randomness tests, named the byte randomness profiles, preserve enough local detail about a program that they can be used as a feature vector to represent malware in a distinctive manner. Moreover, the sum of squares distance (SSD) and the cosine similarity (COS) are used to measure the distinctiveness between two malware samples. Experimental results show that the proposed method provides a fast and effective way to detect variants of known malware families.

Index Terms—instruction sequences, byte randomness profile (BRP), feature vector, SSD, COS
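The comparison step described in the abstract, as an added illustration that is not the authors' code: a fixed-length profile is built for each sample and two profiles are compared with SSD and COS. The page does not say which randomness test the paper uses, so per-segment Shannon entropy stands in here as an assumption; the function names, the 8-point profile length and the sample byte strings are all constructed for this example.

```python
import math
from collections import Counter

def segment_randomness(chunk):
    """Assumed stand-in randomness score: Shannon entropy in bits per byte."""
    n = len(chunk)
    if n == 0:
        return 0.0
    return -sum(c / n * math.log2(c / n) for c in Counter(chunk).values())

def byte_randomness_profile(data, points=8):
    """Score `points` equal segments so every sample yields a same-length vector."""
    if len(data) < points:
        raise ValueError("input shorter than the requested profile length")
    step = len(data) / points
    return [segment_randomness(data[int(i * step):int((i + 1) * step)])
            for i in range(points)]

def ssd(p, q):
    """Sum of squares distance: 0 for identical profiles, larger when they differ."""
    if len(p) != len(q):
        raise ValueError("profiles must have the same length")
    return sum((a - b) ** 2 for a, b in zip(p, q))

def cos(p, q):
    """Cosine similarity: close to 1 when two profiles have the same shape."""
    if len(p) != len(q):
        raise ValueError("profiles must have the same length")
    norm = math.sqrt(sum(a * a for a in p)) * math.sqrt(sum(b * b for b in q))
    return sum(a * b for a, b in zip(p, q)) / norm if norm else 0.0

def make_sample(alphabet_sizes):
    """Constructed test data: one 256-byte segment per entry, using k byte values."""
    return b"".join(bytes(j % k for j in range(256)) for k in alphabet_sizes)

# Constructed inputs: a "family" sample, a lightly patched variant, an unrelated file.
SAMPLE_A = make_sample([2, 4, 16, 256, 64, 8, 2, 128])
_patched = bytearray(SAMPLE_A)
_patched[10:14] = b"\x90\x90\x90\x90"    # small in-place modification
_patched[600:604] = b"\xcc\xcc\xcc\xcc"  # second small modification
VARIANT_A = bytes(_patched)
SAMPLE_B = make_sample([256, 128, 2, 2, 4, 256, 64, 1])

if __name__ == "__main__":
    a, v, b = (byte_randomness_profile(s) for s in (SAMPLE_A, VARIANT_A, SAMPLE_B))
    print("A vs variant  : SSD=%.4f COS=%.4f" % (ssd(a, v), cos(a, v)))
    print("A vs unrelated: SSD=%.4f COS=%.4f" % (ssd(a, b), cos(a, b)))
```

A real detector would pick a decision threshold on SSD or COS from labelled family samples; none is given on this page, so the example only shows the relative ordering of the scores.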


Cite: Shuhui Qi, Ming Xu, and Ning Zheng, "A Malware Variant Detection Method Based on Byte Randomness Test," Journal of Computers, vol. 8, no. 10, pp. 2469-2477, 2013.

General Information

ISSN: 1796-203X
Abbreviated Title: J.Comput.
Frequency: Bimonthly
Editor-in-Chief: Prof. Liansheng Tan
Executive Editor: Ms. Nina Lee
Abstracting/Indexing: DBLP, EBSCO, ProQuest, INSPEC, ULRICH's Periodicals Directory, WorldCat, etc.
E-mail: jcp@iap.org