Malware Target Recognition of Unknown Threats

Dube; T.E.; Raines; R.A.; Grimaila; M.R.; Bauer; K.W.

首页> 外文期刊>IEEE systems journal >Malware Target Recognition of Unknown Threats

【24h】

Malware Target Recognition of Unknown Threats

机译：未知威胁的恶意软件目标识别

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

Organizations traditionally use signature-based commercial antivirus products as a frontline defense against malware, but advanced persistent threats craft custom malicious tools to achieve their objectives. Organizations safeguarding sensitive information have difficulty in identifying new malware threats among millions of benign executables using only signature-based antivirus systems. This paper extends a performance-based malware target recognition architecture that currently uses only static heuristic features. Experimental results show that this architectural component achieves an overall test accuracy of 98.5% against a malware set collected from operational environments, while three commercial antivirus products combine for a detection accuracy of only 60% with their most sensitive settings. Implementations of this architecture will enable organizations to self-discover new malware threats, providing enhanced situation awareness for cyberspace operators in hostile threat environments.

机译：传统上，组织将基于签名的商业防病毒产品用作抵御恶意软件的前线防御，但是高级的持续威胁会制作自定义的恶意工具来实现其目标。仅使用基于签名的防病毒系统，保护敏感信息的组织就难以在数百万个良性可执行文件中识别新的恶意软件威胁。本文扩展了基于性能的恶意软件目标识别体系结构，该体系结构目前仅使用静态启发式功能。实验结果表明，针对从操作环境中收集的恶意软件，该体系结构组件的总体测试准确度达到98.5％，而三种商业防病毒产品在其最敏感的设置下的检测准确率仅为60％。此体系结构的实施将使组织能够自我发现新的恶意软件威胁，从而在敌对威胁环境中增强网络空间运营商的态势感知能力。

著录项

来源
《IEEE systems journal》 |2013年第3期|467-477|共11页
作者
Dube; T.E.; Raines; R.A.; Grimaila; M.R.; Bauer; K.W.;
展开▼
作者单位

Department of Electrical and Computer Engineering;

U.S. Air Force Institute of Technology;

Wright-Patterson AFB;

OH;

USA|c|;

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类
关键词
Advanced persistent threat; antivirus; intrusion detection; malware detection; situation awareness;

机译：高级持续威胁;防病毒;入侵检测;恶意软件检测;态势感知;

相似文献

外文文献
中文文献
专利

1. The threat to identity from new and unknown malware [J] . P W Hodgson BT Technology Journal . 2005,第4期

机译：来自未知新恶意软件的身份威胁
2. A novel few-shot malware classification approach for unknown family recognition with multi-prototype modeling [J] . Peng Wang, Zhijie Tang, Junfeng Wang Computers & Security . 2021,第Jula期

机译：具有多原型建模的未知家庭认可的小说少量恶意软件分类方法
3. Static Heuristics Classifiers as Pre-Filter for Malware Target Recognition (MATR) [J] . Anuj Lohani, Aditi Lohani, Jitendra Singh, American Journal of Networks and Communications . 2015,第3期

机译：静态启发式分类器作为恶意软件目标识别（MATR）的预过滤器
4. Detection of Privacy Threat by Peculiar Feature Extraction in Malwares to Combat Targeted Cyber Attacks [C] . Farhan Habib Ahmad, Komal Batool, Azhar Javed International conference on communication and computer engineering . 2016

机译：通过恶意软件中奇特的特征提取来检测隐私威胁，以打击目标网络攻击
5. A novel malware target recognition architecture for enhanced cyberspace situation awareness. [D] . Dube, Thomas E. 2011

机译：一种新颖的恶意软件目标识别架构，可增强网络空间状况的意识。
6. Can prey exhibit threat-sensitive generalization of predator recognition? Extending the Predator Recognition Continuum Hypothesis [O] . Maud C.O Ferrari, François Messier, Douglas P Chivers 2008

机译：猎物能否表现出对威胁敏感的捕食者识别泛化？扩展捕食者识别连续体假说
7. Automatic Target Recognition with Unknown Orientation and Adaptive Waveforms [O] . Junhyeong Bae, Nathan A. Goodman 2014

机译：具有未知方向和自适应波形的自动目标识别
8. Evaluation of Malware Target Recognition Deployed in a Cloud-Based Fileserver Environment [R] . Masters, G. P. 2012

机译：在基于云的文件服务器环境中部署的恶意软件目标识别的评估

Malware Target Recognition of Unknown Threats

摘要

著录项

相似文献

相关主题

期刊订阅