Scientific Classification of Malware from Practice and Multi-Label Mechanism for Risky Behaviors

Abstract

Xiao Xinguang, Li Chenping, Han Yaoguang, Tong Zhiming and Li Qi

Objective: In order to respond to the demand of academia and industry for scientific malware classification methods.

Method: based on the existing work, this study draws on the advantages of Kaspersky's relatively rigorous multi-segment classification and naming, and is carried out according to the idea of emphasizing mutual exclusivity, complete coverage, and convergence, and is combined with the threat risk behavior labels.

Results: A set of malware classification framework that conforms to MECE principles, converges classification, and is compatible with industrial fact classification has been formed.

Implication: It can effectively support security defense and governance.

PDF