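% Thuer et al., BiG2-KAMAS (Forum Media Technology 2017): conference paper on a
% knowledge-assisted visual analytics prototype for behavior-based malware analysis.
% Title is stored in Title Case; only the acronym BiG2-KAMAS is brace-protected,
% so the bibliography style decides the casing of the remaining words.
@inproceedings{thur_bigram_2017,
  author    = {Thür, Niklas and Wagner, Markus and Schick, Johannes and Niederer, Christina and Eckel, Jürgen and Luh, Robert and Aigner, Wolfgang},
  title     = {A Bigram Supported Generic Knowledge-Assisted Malware Analysis System: {BiG2-KAMAS}},
  booktitle = {Proceedings of the 10th {Forum} {Media} {Technology} 2017},
  publisher = {CEUR-WS},
  address   = {St. Pölten},
  month     = nov,
  year      = {2017},
  pages     = {107--115},
  url       = {http://mc.fhstp.ac.at/sites/default/files/publications/Thuer_B2KAMAS_2017.pdf},
  note      = {Projekt: KAVA-Time},
  keywords  = {2017, Design Study, Forschungsgruppe Digital Technologies, Forschungsgruppe Media Computing, Institut für Creative Media Technologies, Publikationstyp Präsentation, Publikationstyp Schriftpublikation, Visual analytics, behavior-based, interactive, knowledge generation, malicious software, malware analysis, peer-reviewed, prototype, visualization},
  abstract  = {Malicious software, short "malware", refers to software programs that are designed to cause damage or to perform unwanted actions on the infected computer system. Behavior-based analysis of malware typically utilizes tools that produce lengthy traces of observed events, which have to be analyzed manually or by means of individual scripts. Due to the growing amount of data extracted from malware samples, analysts are in need of an interactive tool that supports them in their exploration efforts. In this respect, the use of visual analytics methods and stored expert knowledge helps the user to speed up the exploration process and, furthermore, to improve the quality of the outcome. In this paper, the previously developed KAMAS prototype is extended with additional features such as the integration of a bi-gram based valuation approach to cover further malware analysts’ needs. The result is a new prototype which was evaluated by two domain experts in a detailed user study.},
}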