2016年10月24日
Poster: Toward automating the generation of malware analysis reports using the sandbox logs
Proceedings of the ACM Conference on Computer and Communications Security
- ,
- ,
- 巻
- 24-28-
- 号
- 開始ページ
- 1814
- 終了ページ
- 1816
- 記述言語
- 英語
- 掲載種別
- DOI
- 10.1145/2976749.2989064
- 出版者・発行元
- Association for Computing Machinery
In recent years, the number of new examples of malware has continued to increase. To create effective countermeasures, security specialists often must manually inspect vast sandbox logs produced by the dynamic analysis method. Conversely, antivirus vendors usually publish malware analysis reports on their website. Because malware analysis reports and sandbox logs do not have direct connections, when analyzing sandbox logs, security specialists cannot benefit from the information described in such expert reports. To address this issue, we developed a system called ReGenerator that automates the generation of reports related to sandbox logs by making use of existing reports published by antivirus vendors. Our system combines several techniques, including the Jaccard similarity, Natural Language Processing (NLP), and Generation (NLG), to produce concise human-readable reports describing malicious behavior for security specialists.
- リンク情報
- ID情報
-
- DOI : 10.1145/2976749.2989064
- ISSN : 1543-7221
- DBLP ID : conf/ccs/SunFM16
- SCOPUS ID : 84995486158