Poster: Toward automating the generation of malware analysis reports using the sandbox logs

Bo Sun, Akinori Fujino, Tatsuya Mori

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)

Abstract

In recent years, the number of new examples of malware has continued to increase. To create effective countermeasures, security specialists often must manually inspect vast sandbox logs produced by the dynamic analysis method. Conversely, antivirus vendors usually publish malware analysis reports on their website. Because malware analysis reports and sandbox logs do not have direct connections, when analyzing sandbox logs, security specialists cannot benefit from the information described in such expert reports. To address this issue, we developed a system called ReGenerator that automates the generation of reports related to sandbox logs by making use of existing reports published by antivirus vendors. Our system combines several techniques, including the Jaccard similarity, Natural Language Processing (NLP), and Generation (NLG), to produce concise human-readable reports describing malicious behavior for security specialists.

Original languageEnglish
Title of host publicationCCS 2016 - Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security
PublisherAssociation for Computing Machinery
Pages1814-1816
Number of pages3
ISBN (Electronic)9781450341394
DOIs
Publication statusPublished - 2016 Oct 24
Event23rd ACM Conference on Computer and Communications Security, CCS 2016 - Vienna, Austria
Duration: 2016 Oct 242016 Oct 28

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
Volume24-28-October-2016
ISSN (Print)1543-7221

Other

Other23rd ACM Conference on Computer and Communications Security, CCS 2016
CountryAustria
CityVienna
Period16/10/2416/10/28

Keywords

  • Malware analysis
  • Natural Language Processing
  • Reports
  • Sandbox logs

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Poster: Toward automating the generation of malware analysis reports using the sandbox logs'. Together they form a unique fingerprint.

Cite this