Automatic Generation Method for Malware Behavior Visualization Using CPN
CAO Hong-sheng(1,2),JIAO Jian(1,2),CHEN Xin2, LIU Qi-yuan(1,2)
1(Beijing Key Laboratory of Internet Culture and Digital Dissemination Research,Beijing Information Science and Technology University,Beijing 100101,China)2(School of Computer Science,Beijing Information Science and Technology University,Beijing 100101,China)
Abstract:At present,the research of malware behavior focuses on the recognition,but the research lacks a visual description of the behavioral logic of malicious software and the state changes caused by associated behaviors.This paper proposes a method of automatic generation of behavioral visualization.Based on the existing research on Android malware behavior,this paper presents the behavior model of Android malware,and uses the color Petri net(CPN)theory to generate corresponding visualization files.Finally,we apply our approach on real world malware.The simulation results of the malware behavior are compared with the online test results by the CPN Tools.And the experiments are carried out to verify the feasibility of the method by the existing malware.