Enhancing Malware Analysis Using Data Visualization Through Shared Code and Attribute Analysis
Malware analysis is a crucial area of cybersecurity, focusing on identifying, categorizing, and studying malicious software to prevent it from posing a threat to computer systems. This study introduces a new approach to malware analysis by integrating two methods, Shared Code Analysis (SCA) and Shar...
| Main Authors: | Narayandas Sai Ramana Vashista, K. Abhimanyu Kumar Patro |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | IEEE, 2025-01-01 |
| Series: | IEEE Access |
| Subjects: | Malware analysis; Jaccard index; MinHash; network visualization; cybersecurity; data mining |
| Online Access: | https://ieeexplore.ieee.org/document/11045919/ |
| Field | Value |
|---|---|
| author | Narayandas Sai Ramana Vashista; K. Abhimanyu Kumar Patro |
| collection | DOAJ |
| description | Malware analysis is a crucial area of cybersecurity, focusing on identifying, categorizing, and studying malicious software to prevent it from posing a threat to computer systems. This study introduces a new approach to malware analysis by integrating two methods, Shared Code Analysis (SCA) and Shared Attribute Analysis (SAA). The SCA component searches for similarities in code within multiple malware samples using the MinHash techniques. The SAA component uses the Jaccard indexing technique to analyze and approximate similarity based on malware samples’ attributes. The visualization is implemented using NetworkX with Graphviz, where nodes represent individual malware samples and edges represent close relations. The visualization is provided as a PNG file, demonstrating the grouping of related malware samples according to their attributes. A real-life case based on malware samples from GitHub repositories illustrates the application of the proposed methodology. The integration of the Jaccard Index and MinHash provides an extensive method for covering the relationships among malware and enhancing detection and categorization steps. The proposed approach not only provides a better understanding of code patterns, but it also helps visualize attribute-based maximum similarity, making it a valuable tool for researchers and cybersecurity professionals. |
| format | Article |
| id | doaj-art-9a358c88bb2a43b0b6d0281ef07485db |
| institution | Kabale University |
| issn | 2169-3536 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj-art-9a358c88bb2a43b0b6d0281ef07485db; 2025-08-20T03:27:14Z; eng; IEEE; IEEE Access; ISSN 2169-3536; 2025-01-01; vol. 13; pp. 107482-107498; DOI 10.1109/ACCESS.2025.3582164; document 11045919. Authors: Narayandas Sai Ramana Vashista (https://orcid.org/0009-0002-7186-5805) and K. Abhimanyu Kumar Patro (https://orcid.org/0000-0001-7807-7874), both of the Department of Mechatronics, Manipal Institute of Technology, Manipal Academy of Higher Education, Manipal, Karnataka, India. Keywords: Malware analysis; Jaccard index; MinHash; network visualization; cybersecurity; data mining. |
| title | Enhancing Malware Analysis Using Data Visualization Through Shared Code and Attribute Analysis |
| topic | Malware analysis; Jaccard index; MinHash; network visualization; cybersecurity; data mining |
| url | https://ieeexplore.ieee.org/document/11045919/ |