Malware detection: program run length against detection rate

Okane P.; Sezer S.; McLaughlin K.; Im E.G.

首页> 外文期刊>Software, IET >Malware detection: program run length against detection rate

【24h】

Malware detection: program run length against detection rate

机译：恶意软件检测：程序运行长度与检测率的关系

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

N-gram analysis is an approach that investigates the structure of a program using bytes, characters or text strings. This research uses dynamic analysis to investigate malware detection using a classification approach based on N-gram analysis. A key issue with dynamic analysis is the length of time a program has to be run to ensure a correct classification. The motivation for this research is to find the optimum subset of operational codes (opcodes) that make the best indicators of malware and to determine how long a program has to be monitored to ensure an accurate support vector machine (SVM) classification of benign and malicious software. The experiments within this study represent programs as opcode density histograms gained through dynamic analysis for different program run periods. A SVM is used as the program classifier to determine the ability of different program run lengths to correctly determine the presence of malicious software. The findings show that malware can be detected with different program run lengths using a small number of opcodes.

机译：N-gram分析是一种使用字节，字符或文本字符串调查程序结构的方法。这项研究使用动态分析，使用基于N-gram分析的分类方法调查恶意软件检测。动态分析的关键问题是必须运行程序以确保正确分类的时间长度。这项研究的动机是找到可以最佳地表明恶意软件指标的最佳操作代码（操作码）子集，并确定必须监视程序多长时间，以确保对良性和恶意软件进行准确的支持向量机（SVM）分类软件。本研究中的实验将程序表示为通过对不同程序运行时间进行动态分析而获得的操作码密度直方图。 SVM用作程序分类器，以确定不同程序运行长度的能力，以正确确定恶意软件的存在。调查结果表明，可以使用少量操作码以不同的程序运行长度检测恶意软件。

著录项

来源
《Software, IET》 |2014年第1期|42-51|共10页
作者
Okane P.; Sezer S.; McLaughlin K.; Im E.G.;
展开▼
作者单位

Centre for Secure Information Technologies, Queen??s University Belfast, Northern Ireland, UK|c|;

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类
关键词

相似文献

外文文献
中文文献
专利

1. Development of a Heuristic Mechanism for Detection of Malware Programs Based on Hidden Markov Models [J] . A. V. Kozachok Automatic Control and Computer Sciences . 2018,第8期

机译：基于隐马尔可夫模型的恶意软件程序检测的启发式机制的开发
2. Malware Detection Based on Hybrid Signature Behaviour Application Programming Interface Call Graph | Science Publications [J] . Ahmed H. Osman, Ammar A.E. Elhadi, Mohd A. Maarof American journal of applied sciences . 2012,第3期

机译：基于混合签名行为的恶意软件检测应用程序接口调用图科学出版物
3. Malware Detection Based on Hybrid Signature Behavior Application Programming Interface Call Graph [J] . Ammar Ahmed E. Elhadi, Mohd Aizaini Maarof, Ahmed Hamza Osman American journal of applied sciences . 2012,第3期

机译：基于混合签名行为的应用程序接口调用图恶意软件检测
4. Malware Detection by Exploiting Deep Learning over Binary Programs [C] . Panpan Qi, Zhaoqi Zhang, Wei Wang, International Conference on Pattern Recognition . 2021

机译：通过利用二进制程序深入学习恶意软件检测
5. Man-machine partial program analysis for malware detection. [D] . Deering, Thomas Norman. 2015

机译：人机局部程序分析，用于恶意软件检测。
6. Accurate mobile malware detection and classification in the cloud [O] . Xiaolei Wang, Yuexiang Yang, Yingzhi Zeng -1

机译：在云中进行准确的移动恶意软件检测和分类
7. Generic Packing Detection Using Several Complexity Analysis for Accurate Malware Detection [O] . Dr. Mafaz 2014

机译：使用几种复杂性分析进行通用包装检测，以便精确恶意软件检测

Malware detection: program run length against detection rate

摘要

著录项

相似文献

相关主题

期刊订阅