Analyzing File-to-File Relation Network in Malware Detection

机译：在恶意软件检测中分析文件到文件关系网络

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Due to its major threats to Internet security, malware detection is of great interest to both the anti-malware industry and researchers. Currently, features beyond file content are starting to be leveraged for malware detection (e.g., file-to-file relations), which provide invaluable insight about the properties of file samples. However, we still have much to understand about the relationships of malware and benign files. In this paper, based on the file-to-file relation network, we design several new and robust graph-based features for malware detection and reveal its relationship characteristics. Based on the designed features and two findings, we first apply Malicious Score Inference Algorithm (MSIA) to select the representative samples from the large unknown file collection for labeling, and then use Belief Propagation (BP) algorithm to detect malware. To the best of our knowledge, this is the first investigation of the relationship characteristics for the file-to-file relation network in malware detection using social network analysis. A comprehensive experimental study on a large collection of file sample relations obtained from the clients of anti-malware software of Comodo Security Solutions Incorporation is performed to compare various malware detection approaches. Promising experimental results demonstrate that the accuracy and efficiency of our proposed methods outperform other alternate data mining based detection techniques.

机译：由于其对互联网安全的主要威胁，恶意软件检测对反恶意软件行业和研究人员来说非常兴趣。目前，将超出文件内容的功能开始利用恶意软件检测（例如，文件到文件关系），这为文件样本的属性提供了宝贵的洞察力。但是，我们仍然有很多了解恶意软件和良性文件的关系。在本文中，基于文件到文件关系网络，我们设计了用于恶意软件检测的新颖和强大的基于图形的基于格式的功能，并揭示其关系特性。基于设计的功能和两个发现，我们首先应用恶意刻度推理算法（MSIA）来选择来自大型未知文件集合的代表性样本进行标记，然后使用信仰传播（BP）算法来检测恶意软件。据我们所知，这是使用社交网络分析对恶意软件检测中文件到文件关系网络关系特性的首次调查。执行关于从Comodo安全解决方案的反恶意软件软件的客户端收集的大量文件示例关系的全面实验研究，以比较各种恶意软件检测方法。有希望的实验结果表明，我们所提出的方法的准确性和效率优于基于其他替代数据挖掘的检测技术。

著录项

来源
《International conference on web information systems engineering》|2015年||共16页
会议地点
作者
Lingwei Chen; William Hardy; Yanfang Ye; Tao Li;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类计算技术、计算机技术;
关键词
File-to-file relation network; Malware detection; Social network analysis;

机译：文件到文件关系网络;恶意软件检测;社交网络分析;

相似文献

外文文献
中文文献
专利

1. FindMal: A file-to-file social network based malware detection framework [J] . Ni Ming, Li Tao, Li Qianmu, Knowledge-Based Systems . 2016,第nova15期

机译：FindMal：基于文件到文件的社交网络的恶意软件检测框架
2. Modeling and analyzing malware diffusion in wireless sensor networks based on cellular automaton [J] . Hong Zhang, Shigen Shen, Qiying Cao, International Journal of Distributed Sensor Networks . 2020,第11期

机译：基于蜂窝自动机的无线传感器网络模型和分析恶意软件扩散
3. Modeling and analyzing malware propagation in social networks with heterogeneous infection rates [J] . Jia Peng, Liu Jiayong, Fang Yong, Physica, A. Statistical mechanics and its applications . 2018,第期

机译：非均相感染率建模与分析社交网络中的恶意软件传播
4. Analyzing File-to-File Relation Network in Malware Detection [C] . Lingwei Chen, William Hardy, Yanfang Ye, . 2015

机译：在恶意软件检测中分析文件间关系网络
5. Intelligent Malware Detection Using File-to-file Relations and Enhancing its Security against Adversarial Attacks [D] . Chen, Lingwei. 2019

机译：智能恶意软件检测使用文件到文件关系并提高其对抗对抗攻击的安全性
6. A study on efficient detection of network-based IP spoofing DDoS and malware-infected Systems [O] . Jung Woo Seo, Sang Jin Lee -1

机译：基于网络的IP欺骗DDoS和受恶意软件感染的系统的有效检测的研究
7. A Cuckoo's Egg in the Malware Nest: On-the-fly Signature-less Malware Analysis, Detection, and Containment for Large Networks [O] . Bolzoni Damiano, Schade Christiaan, Etalle Sandro 2011

机译：恶意软件嵌套中的杜鹃蛋：大型网络中的即时无签名恶意软件分析，检测和遏制

Analyzing File-to-File Relation Network in Malware Detection

摘要

著录项

相似文献

相关主题

期刊订阅