Gray, Jason;
Sgandurra, Daniele;
Cavallaro, Lorenzo;
Blasco Alis, Jorge;
(2024)
Identifying Authorship in Malicious Binaries: Features, Challenges & Datasets.
ACM Computing Surveys
, 56
(8)
, Article 212. 10.1145/3653973.
Preview |
PDF
2101.06124v2.pdf - Accepted Version Download (911kB) | Preview |
Abstract
Attributing a piece of malware to its creator typically requires threat intelligence. Binary attribution increases the level of difficulty as it mostly relies upon the ability to disassemble binaries to obtain authorship-related features. We perform a systematic analysis of works in the area of malware authorship attribution. We identify key findings and some shortcomings of current approaches and explore the open research challenges. To mitigate the lack of ground-truth datasets in this domain, we publish alongside this survey the largest and most diverse meta-information dataset of 17,513 malware labeled to 275 threat actor groups.
| Type: | Article |
|---|---|
| Title: | Identifying Authorship in Malicious Binaries: Features, Challenges & Datasets |
| Open access status: | An open access version is available from UCL Discovery |
| DOI: | 10.1145/3653973 |
| Publisher version: | http://dx.doi.org/10.1145/3653973 |
| Language: | English |
| Additional information: | This version is the author accepted manuscript. For information on re-use, please refer to the publisher’s terms and conditions. |
| Keywords: | Science & Technology, Technology, Computer Science, Theory & Methods, Computer Science, Adversarial, malware, authorship attribution, advanced persistent threats, datasets, MALWARE, ATTRIBUTION |
| UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science |
| URI: | https://discovery.ucl.ac.uk/id/eprint/10208027 |
Archive Staff Only
 |
View Item |
