28 May 2013 Software analysis in the semantic web
Many approaches in software analysis, particularly dynamic malware analysis, benefit greatly from the use of linked data and other Semantic Web technology. In this paper, we describe AIS, Inc.’s Semantic Extractor (SemEx) component from the Malware Analysis and Attribution through Genetic Information (MAAGI) effort, funded under DARPA’s Cyber Genome program. The SemEx generates OWL-based semantic models of high- and low-level behaviors in malware samples from system call traces generated by AIS’s introspective hypervisor, IntroVirt™. Within MAAGI, these semantic models were used by modules that cluster malware samples by functionality and construct “genealogical” malware lineages. Herein, we describe the design, implementation, and use of the SemEx, as well as the C2DB, an OWL ontology used for representing software behavior and cyber-environments.
© (2013) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Joshua Taylor, Robert T. Hall, "Software analysis in the semantic web", Proc. SPIE 8757, Cyber Sensing 2013, 87570A (28 May 2013); doi: 10.1117/12.2016122; https://doi.org/10.1117/12.2016122
