Article
Exploring Hidden Markov Models for Virus Analysis: A Semantic Approach
46th Hawaii International Conference on System Sciences (2013)
  • Thomas H. Austin, San Jose State University
  • Eric Filiol
  • Sebastien Josse
  • Mark Stamp, San Jose State University
Abstract
Recent work has presented hidden Markov models (HMMs) as a compelling option for virus identification. However, to date little research has been done to identify the meaning of these hidden states. In this paper, we examine HMMs for four different compilers, hand-written assembly code, three virus construction kits, and a metamorphic virus in order to note similarities and differences in the hidden states of the HMMs. Furthermore, we develop the dueling HMM strategy, which leverages our knowledge about different compilers for more precise identification. We hope that this approach will allow for the development of better virus detection tools based on HMMs.
Keywords
  • Hidden Markov models
  • Assembly
  • Viruses
  • Semantics
  • Computational modeling
  • Malware
  • virus
  • metamorphic malware
Publication Date
2013
Citation Information
Thomas H. Austin, Eric Filiol, Sebastien Josse and Mark Stamp. "Exploring Hidden Markov Models for Virus Analysis: A Semantic Approach" 46th Hawaii International Conference on System Sciences (2013)
Available at: http://works.bepress.com/thomas_austin/7/