POSTER: Toward Automating the Generation of Malware Analysis Reports Using the Sandbox Logs
Title | POSTER: Toward Automating the Generation of Malware Analysis Reports Using the Sandbox Logs |
Publication Type | Conference Paper |
Year of Publication | 2016 |
Authors | Sun, Bo; Fujino, Akinori; Mori, Tatsuya |
Conference Name | Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security |
Publisher | ACM |
Conference Location | New York, NY, USA |
ISBN Number | 978-1-4503-4139-4 |
Keywords | Human Behavior, malware analysis, Metrics, natural language processing, pubcrawl, reports, Resiliency, sandbox logs |
Abstract | In recent years, the number of new examples of malware has continued to increase. To create effective countermeasures, security specialists often must manually inspect vast sandbox logs produced by the dynamic analysis method. Conversely, antivirus vendors usually publish malware analysis reports on their website. Because malware analysis reports and sandbox logs do not have direct connections, when analyzing sandbox logs, security specialists cannot benefit from the information described in such expert reports. To address this issue, we developed a system called ReGenerator that automates the generation of reports related to sandbox logs by making use of existing reports published by antivirus vendors. Our system combines several techniques, including the Jaccard similarity, Natural Language Processing (NLP), and Generation (NLG), to produce concise human-readable reports describing malicious behavior for security specialists. |
URL | http://doi.acm.org/10.1145/2976749.2989064 |
DOI | 10.1145/2976749.2989064 |
Citation Key | sun_poster:_2016 |