Poster: Toward automating the generation of malware analysis reports using the sandbox logs

Bo Sun, Akinori Fujino, Tatsuya Mori

    Research output: Conference contribution

    3 citations (Scopus)

    Abstract

    In recent years, the number of new examples of malware has continued to increase. To create effective countermeasures, security specialists often must manually inspect vast sandbox logs produced by the dynamic analysis method. Conversely, antivirus vendors usually publish malware analysis reports on their website. Because malware analysis reports and sandbox logs do not have direct connections, when analyzing sandbox logs, security specialists cannot benefit from the information described in such expert reports. To address this issue, we developed a system called ReGenerator that automates the generation of reports related to sandbox logs by making use of existing reports published by antivirus vendors. Our system combines several techniques, including the Jaccard similarity, Natural Language Processing (NLP), and Generation (NLG), to produce concise human-readable reports describing malicious behavior for security specialists.

    Original language: English
    Title of host publication: CCS 2016 - Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security
    Publisher: Association for Computing Machinery
    Pages: 1814-1816
    Number of pages: 3
    Volume: 24-28-October-2016
    ISBN (electronic): 9781450341394
    DOI
    Publication status: Published - 2016-10-24
    Event: 23rd ACM Conference on Computer and Communications Security, CCS 2016 - Vienna, Austria
    Duration: 2016-10-24 to 2016-10-28

    Other

    Other: 23rd ACM Conference on Computer and Communications Security, CCS 2016
    Austria
    Vienna
    Period: 16/10/24 to 16/10/28

    ASJC Scopus subject areas

    • Software
    • Computer Networks and Communications


  • Cite this

    Sun, B., Fujino, A., & Mori, T. (2016). Poster: Toward automating the generation of malware analysis reports using the sandbox logs. In CCS 2016 - Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (Vol. 24-28-October-2016, pp. 1814-1816). Association for Computing Machinery. https://doi.org/10.1145/2976749.2989064