Title: BiG2-KAMAS: Supporting Knowledge-Assisted Malware Analysis with Bi-Gram Based Valuation
Publication Type: Conference Paper
Year of Publication: 2017
Authors: Thür, N., M. Wagner, J. Schick, C. Niederer, J. Eckel, R. Luh, and W. Aigner
Conference Name: Poster of the 14th Workshop on Visualization for Cyber Security (VizSec)
Date Published: 10/2017
Conference Location: Phoenix, Arizona, USA
Keywords: explicit knowledge, information visualization, Knowledge-assisted Visualization, User-Centered Design, Visual analytics
Abstract: Malicious software, or malware for short, refers to software programs that are designed to cause damage or to perform unwanted actions on the infected computer system. The behavior-based analysis of malware typically utilizes tools that produce lengthy traces of observed events, which have to be analyzed manually or by means of individual scripts. Due to the growing amount of data extracted from malware samples, analysts are in need of an interactive tool that supports them in their exploration efforts. In this respect, the use of visual analytics methods and stored expert knowledge helps the user to speed up the exploration process and, furthermore, to improve the quality of the outcome. In this paper, the previously developed KAMAS concept is extended with components such as a bi-gram based valuation approach to cover further malware analysts’ needs. The components have been integrated into a new prototype which was evaluated by two domain experts in a detailed user study.
Refereed Designation: Refereed