%0 Journal Article %A QIAN Yucun %A PENG Guojun %A WANG Ying %A LIANG Yu %T Homology analysis of malicious code and family clustering %D 2015 %R %J Computer Engineering and Applications %P 76-81 %V 51 %N 18 %X With the problem of the explosive growth of malicious code and many of the malicious samples are variations of previously encountered samples, this paper presents a novel approach to investigate the homology of malicious code based on behavior characteristics. To distinguish the variations of malicious code, it studies the malicious behavior of malwares, then computes the similarity of characteristics and the call graphs which are extracted by disassembly tools. It employs the clustering algorithms of DBSCAN to discover the family of malicious code. Experiments show that it effectively investigates the homology of malicious code and cluster variations into different malicious code family. %U http://cea.ceaj.org/EN/abstract/article_33645.shtml