Scientific Classification of Malware from Practice and Multi-Label Mechanism for Risky Behaviors
Abstract
Xiao Xinguang, Li Chenping, Han Yaoguang, Tong Zhiming and Li Qi
Objective: To respond to the demand from academia and industry for scientific malware classification methods.
Method: Building on existing work, this study draws on the strengths of Kaspersky's relatively rigorous multi-segment classification and naming scheme, follows the principles of mutual exclusivity, complete coverage, and convergence, and combines the classification with threat risk behavior labels.
Results: The study forms a malware classification framework that conforms to MECE principles, has convergent classification, and is compatible with the de facto classification used in industry.
Implication: It can effectively support security defense and governance.