Title (eng): Prototype of KAMAS with five different analysis clusters.
Wagner, M. (Markus)
Aigner, W. (Wolfgang)
Thür, N. (Niklas)
Rind, A. (Alexander)
KAMAS is a knowledge-assisted visualization system for behavior-based malware analysis. It supports malware analysts with visual analytics and knowledge externalization methods for the analysis process.
As supplemental material to the COSE article, we added five different analysis clusters to the package, each containing between 10 and 17 analyzed malware samples. The samples are from different malware families (e.g., the cluster C000-0031 contains Graybird, IRCBot and Koobface samples), and each analysis cluster contains between 61 and 794 generated rules. All samples used were collected by our collaborators from the IT-security department in 2014. Overall, they collected a set of 800 different samples from different malware families (worms, trojans and bots) for their analysis tests.
The ZIP file contains Java prototypes and preprocessed analysis data.
Object languages: English
This work is licensed under a CC BY 3.0 AT - Creative Commons Attribution 3.0 Austria License.
Classification: malicious software; malware analysis; behavior-based; prototype; visualization; visual analytics; interactive; knowledge generation; design study
o:1264: A knowledge-assisted visual malware analysis system: Design, validation and reflection of KAMAS