Integrating Dynamic Analysis Using Clustering Techniques for local Malware in Indonesia

摘要

The understanding and predict threats to the security of information systems become really important in order to protect critical systems. Protection against the threat of computer threats have been adequately considered with anti-virus software which resulted in an increase in world surveys from CSI Survey 2008 for the use of security technologies against malware is that the use of antivirus stand in the first position with 97% usage rate. Malware has several characteristics and behavior that vary according to the programming techniques and objectives of the creator of the virus. Protection so that the system efficacy rely solely on antivirus software alone, not be considered sufficient. local malware have got a lot of attention to be seriously considered. This can be proofed with contribution and sharing information of Indonesia computer security communities and professional, Indonesia CERT, and also antivirus vendor consist of worldwide antivirus vendor and local antivirus vendor . local malware is not different from the other malware in the world that it is a potential threat. This research will focus on local malware analysis using data mining especially with clustering techniques and conducted to serve objective of analyzing local malwares characteristics/behaviors. This research propose Self-Organizing Map (SOM) and Simple K-means as the clustering analysis techniques.