Table of Contents Author Guidelines Submit a Manuscript
The Scientific World Journal
Volume 2013, Article ID 671096, 8 pages
http://dx.doi.org/10.1155/2013/671096
Research Article

The Effects of Different Representations on Static Structure Analysis of Computer Malware Signatures

1School of Computing and Mathematical Sciences, Auckland University of Technology, Auckland 1010, New Zealand
2Department of Computing, Unitec Institute of Technology, Auckland 1025, New Zealand
3National Institute of Information and Communications Technology, Tokyo 184-8795, Japan

Received 26 February 2013; Accepted 14 May 2013

Academic Editors: H.-l. Liu and Y. Wang

Copyright © 2013 Ajit Narayanan et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Abstract

The continuous growth of malware presents a problem for internet computing due to increasingly sophisticated techniques for disguising malicious code through mutation and the time required to identify signatures for use by antiviral software systems (AVS). Malware modelling has focused primarily on semantics due to the intended actions and behaviours of viral and worm code. The aim of this paper is to evaluate a static structure approach to malware modelling using the growing malware signature databases now available. We show that, if malware signatures are represented as artificial protein sequences, it is possible to apply standard sequence alignment techniques in bioinformatics to improve accuracy of distinguishing between worm and virus signatures. Moreover, aligned signature sequences can be mined through traditional data mining techniques to extract metasignatures that help to distinguish between viral and worm signatures. All bioinformatics and data mining analysis were performed on publicly available tools and Weka.