Research Article
Mal-Netminer: Malware Classification Approach Based on Social Network Analysis of System Call Graph
Table 10
System call dictionary of adware.
| | Functionality | System call list |
| | Local procedure call | NtAlpcAcceptConnectPort, NtAlpcConnectPort, NtAlpcCreatePort, and NtAlpcSendWaitReceivePort |
| | File & general I/O | NtCreateIoCompletion |
| | Object | NtClose |
| | Atoms | NtFindAtom |
| | Processes & thread | NtResumeThread, NtCreateUserProcess, and NtCreateWorkerFactory |
| | Synchronization | NtCreateKeyedEvent and NtReleaseMutant |
| | Timers & system time | NtSetTimer and NtCreateTimer |
|
|
