Title: Problem Characterization and Abstraction for Visual Analytics in Behavior-Based Malware Pattern Analysis
Publication Type: Conference Paper
Year of Publication: 2014
Authors: Wagner, M., W. Aigner, A. Rind, H. Dornhackl, K. Kadletz, R. Luh, and P. Tavolato
Editor: Harrison, L.
Conference Name: Proceedings of the Eleventh Workshop on Visualization for Cyber Security
Edition: VizSec '14
Pages: 9 - 16
Date Published: 11/2014
Conference Location: Paris
Keywords: evaluation, KAVA-Time, malicious software, malware analysis, problem characterization and abstraction, Visual analytics
Abstract: Behavior-based analysis of emerging malware families involves finding suspicious patterns in large collections of execution traces. This activity cannot be automated for previously unknown malware families and thus malware analysts would benefit greatly from integrating visual analytics methods in their process. However existing approaches are limited to fairly static representations of data and there is no systematic characterization and abstraction of this problem domain. Therefore we performed a systematic literature study, conducted a focus group as well as semi-structured interviews with 10 malware analysts to elicit a problem abstraction along the lines of data, users, and tasks. The requirements emerging from this work can serve as basis for future design proposals to visual analytics-supported malware pattern analysis.
Refereed Designation: Refereed