Please use this identifier to cite or link to this item: http://hdl.handle.net/1893/34483
Appears in Collections:Computing Science and Mathematics Conference Papers and Proceedings
Author(s): Chowdhury, Ipshita Roy
Bhowmik, Deepayan
Contact Email: deepayan.bhowmik@stir.ac.uk
Title: Capturing Malware Behaviour with Ontology-based Knowledge Graphs
Citation: Chowdhury IR & Bhowmik D (2022) Capturing Malware Behaviour with Ontology-based Knowledge Graphs. In: IEEE Conference on Dependable and Secure Computing (IEEE DSC 2022), Edinburgh, 22.06.2022-24.06.2022. Piscataway, NJ, USA: IEEE.
Date Deposited: 3-Jul-2022
Conference Name: IEEE Conference on Dependable and Secure Computing (IEEE DSC 2022)
Conference Dates: 2022-06-22 - 2022-06-24
Conference Location: Edinburgh
Abstract: Exponential rise of Internet increases the risk of cyber attack related incidents which are generally caused by wide spread frequency of new malware generation. Different types of malware families have complex, dynamic behaviours and characteristics which can cause a novel and targeted attack in a cyber-system. Existence of large volume of malware types with frequent new additions hinders cyber resilience effort. To address the gap, we propose a new ontology driven framework that captures recent malware behaviours. According to code structure malware can be divided into three categories: basic, polymorphic and metamorphic. Packing or code obfuscation is also a technique adopted by the malware developers to make the code unreadable and avoid detection. Given that ontology techniques are useful to express the domain knowledge meaningfully , this paper aims to develop an ontology for dynamic analysis of malware behaviour and to capture metamorphic and polymorphic malware behaviour. This will be helpful to understand malicious behaviour exhibited by new generation malware samples and changes in their code structure. The proposed framework includes 14 malware families with their sub-families and 3 types of malware code-structure with their individuals. With a focus on malware behaviour the proposed ontology depicts the relations among malware families and malware code-structures with their respective behaviour.
Status: AM - Accepted Manuscript
Rights: © 2022 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

Files in This Item:
File Description SizeFormat 
IEEE_DSC_2022_Ontology_final.pdfFulltext - Accepted Version1.57 MBAdobe PDFView/Open



This item is protected by original copyright



Items in the Repository are protected by copyright, with all rights reserved, unless otherwise indicated.

The metadata of the records in the Repository are available under the CC0 public domain dedication: No Rights Reserved https://creativecommons.org/publicdomain/zero/1.0/

If you believe that any material held in STORRE infringes copyright, please contact library@stir.ac.uk providing details and we will remove the Work from public display in STORRE and investigate your claim.