Visual analysis of malware behavior using treemaps and thread graphs

6th International Workshop on Visualization for Cyber Security 2009, VizSec 2009 - Proceedings

Volumn , Issue , 2009, Pages 33-38

  Trinius, Philipp ^a   Holz, Thorsten ^a   Göbel, Jan ^a   Freiling, Felix C ^a  

^a UNIVERSITY OF MANNHEIM   (Germany)

Author keywords

Behavior analysis; Information visualization; Invasive software

Indexed keywords

AUTOMATICALLY GENERATED; BEHAVIOR ANALYSIS; INFORMATION VISUALIZATION; INVASIVE SOFTWARE; MALICIOUS BEHAVIOR; MALICIOUS SOFTWARE; MALWARES; TREE-MAPS; VISUAL ANALYSIS; VISUALIZATION TECHNIQUE;

COMPUTER CRIME; COMPUTER SOFTWARE; INFORMATION ANALYSIS; INFORMATION SYSTEMS; NETWORK SECURITY;

VISUALIZATION;

EID: 77949354717     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/VIZSEC.2009.5375540     Document Type: Conference Paper

References (12)

1. U. Bayer. Anubis: Analyzing Unknown Binaries. http://analysis.seclab. tuwien.ac.at/.
2. Gregory Conti, Erik Dean, Matthew Sinda, and Benjamin Sangster. Visual Reverse Engineering of Binary and Data Files. In Workshop on Visualization for Cyber Security (VizSec), 2008.
3. Cullen Linn and Saumya Debray. Obfuscation of Executable Code to Improve Resistance to Static Disassembly. In ACM Conference on Computer and Communications Security (CCS), 2003.
4. Andreas Moser, Christopher Kruegel, and Engin Kirda. Exploring Multiple Execution Paths for Malware Analysis. In IEEE Symposium on Security and Privacy, 2007.
5. Andreas Moser, Christopher Kruegel, and Engin Kirda. Limits of Static Analysis for Malware Detection. In Annual Computer Security Applications Conference (ACSAC), 2007.
6. Norman ASA. Norman SandBox. http://sandbox.norman.no/.
7. Igor V. Popov, Saumya K. Debray, and Gregory R. Andrews. Binary obfuscation using signals. In USENIX Security Symposium, 2007.
8. Ben Shneiderman. Treemaps for space-constrained visualization of hierarchies. Internet: http://www.cs.umd.edu/hcil/treemap-history/.
9. Ben Shneiderman. Tree Visualization With Tree-Maps: 2-D Space-Filling Approach. ACM Trans. Graph., 11(1), 1992.
10. Symantec. Internet Security Threat Report Volume XIV. Internet: http://www.symantec.com/business/theme.jsp?themeid= threatreport, April 2009.
11. Carsten Willems, Thorsten Holz, and Felix Freiling. CWSandbox: Towards automated dynamic binary analysis. IEEE Security and Privacy, 5(2), March 2007.
12. Ying Xia, Kevin Fairbanks, and Henry Owen. Visual Analysis of Program Flow Data with Data Propagation. In Workshop on Visualization for Cyber Security (VizSec), 2008.