Poster: Toward automating the generation of malware analysis reports using the sandbox logs

Bo Sun, Akinori Fujino, Tatsuya Mori

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    2 Citations (Scopus)

    Abstract

    In recent years, the number of new examples of malware has continued to increase. To create effective countermeasures, security specialists often must manually inspect vast sandbox logs produced by the dynamic analysis method. Conversely, antivirus vendors usually publish malware analysis reports on their website. Because malware analysis reports and sandbox logs do not have direct connections, when analyzing sandbox logs, security specialists cannot benefit from the information described in such expert reports. To address this issue, we developed a system called ReGenerator that automates the generation of reports related to sandbox logs by making use of existing reports published by antivirus vendors. Our system combines several techniques, including the Jaccard similarity, Natural Language Processing (NLP), and Generation (NLG), to produce concise human-readable reports describing malicious behavior for security specialists.

    Original languageEnglish
    Title of host publicationCCS 2016 - Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security
    PublisherAssociation for Computing Machinery
    Pages1814-1816
    Number of pages3
    Volume24-28-October-2016
    ISBN (Electronic)9781450341394
    DOIs
    Publication statusPublished - 2016 Oct 24
    Event23rd ACM Conference on Computer and Communications Security, CCS 2016 - Vienna, Austria
    Duration: 2016 Oct 242016 Oct 28

    Other

    Other23rd ACM Conference on Computer and Communications Security, CCS 2016
    CountryAustria
    CityVienna
    Period16/10/2416/10/28

      Fingerprint

    Keywords

    • Malware analysis
    • Natural Language Processing
    • Reports
    • Sandbox logs

    ASJC Scopus subject areas

    • Software
    • Computer Networks and Communications

    Cite this

    Sun, B., Fujino, A., & Mori, T. (2016). Poster: Toward automating the generation of malware analysis reports using the sandbox logs. In CCS 2016 - Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (Vol. 24-28-October-2016, pp. 1814-1816). Association for Computing Machinery. https://doi.org/10.1145/2976749.2989064