Eskandari et al., 2012 - Google Patents

To incorporate sequential dynamic features in malware detection engines
Eskandari et al., 2012

- Document ID
- 5994649841041079557
- Author
- Eskandari M
- Khorshidpur Z
- Hashemi S
- Publication year
- 2012
- Publication venue
- 2012 European Intelligence and Security Informatics Conference
Snippet
Currently, signature-based detection is a widely used method within commercial antivirus. Although this method is still used by most commercial antivirus software and is capable of detecting specific malware quickly, it fails to detect new malware. Therefore, antivirus …
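The snippet's point, that a signature matches only the exact sample it was written for, and the title's alternative, features taken from the order of events observed at run time, can be shown side by side. The block below is an added example written for this page; it is not code from the paper or from Google Patents, and it does not reproduce the authors' method. The sample bytes, the byte-pattern signature, the API-call traces and the choice of call bigrams with a Jaccard threshold of 0.5 as the "sequential dynamic feature" are all constructed assumptions for illustration.

```python
"""Added example (not from the paper or the Google Patents page): a signature
check over raw bytes beside a feature extractor over the order of API calls.
All samples, signatures, traces and thresholds are constructed for illustration."""
import hashlib
from collections import Counter

# Constructed "binaries": a known sample and a variant differing in one byte,
# standing in for a rebuilt or repacked copy of the same malware family.
KNOWN_SAMPLE = b"MZ\x90\x00" + b"\x00" * 8 + b"evil_payload_v1" + b"\x00" * 4
VARIANT = b"MZ\x90\x00" + b"\x00" * 8 + b"evil_payload_v2" + b"\x00" * 4

# Constructed API traces, as a sandbox run would record them. Both malicious
# variants follow the same write-file, set-registry, execute, connect order;
# the benign trace shares individual calls but not that order.
TRACE_KNOWN = ["CreateFileW", "WriteFile", "RegSetValueExW",
               "WinExec", "InternetOpenW", "InternetConnectW"]
TRACE_VARIANT = ["CreateFileW", "WriteFile", "RegSetValueExW", "Sleep",
                 "WinExec", "InternetOpenW", "InternetConnectW"]
TRACE_BENIGN = ["CreateFileW", "ReadFile", "ReadFile", "CloseHandle", "MessageBoxW"]


def signature_db(samples):
    """Build a signature set the way a simple scanner would: the SHA-256 of each
    known sample plus a fixed byte substring (assumed here to be the payload
    marker an analyst extracted from the known sample)."""
    return {
        "hashes": {hashlib.sha256(s).hexdigest() for s in samples},
        "patterns": [b"evil_payload_v1"],
    }


def signature_match(db, blob):
    """Signature-based verdict: True only if a known hash or byte pattern matches."""
    if hashlib.sha256(blob).hexdigest() in db["hashes"]:
        return True
    return any(p in blob for p in db["patterns"])


def api_ngrams(trace, n=2):
    """Sequential dynamic features: multiset of n-grams over the API call order.
    Order is part of the feature: (WriteFile, RegSetValueExW) is a different
    key from (RegSetValueExW, WriteFile)."""
    return Counter(tuple(trace[i:i + n]) for i in range(len(trace) - n + 1))


def jaccard(a, b):
    """Set similarity of two n-gram feature sets (keys only), in 0.0..1.0."""
    sa, sb = set(a), set(b)
    return len(sa & sb) / len(sa | sb) if sa | sb else 0.0


def dynamic_match(known_trace, candidate_trace, threshold=0.5):
    """Sequence-feature verdict: flag the candidate when its call bigrams overlap
    the known malicious trace at or above the assumed threshold."""
    return jaccard(api_ngrams(known_trace), api_ngrams(candidate_trace)) >= threshold


if __name__ == "__main__":
    db = signature_db([KNOWN_SAMPLE])
    # The exact sample is caught; the one-byte variant slips past both the hash
    # and the pattern, while its run-time call order still matches 4 of 7 bigrams.
    print("signature on known sample:", signature_match(db, KNOWN_SAMPLE))
    print("signature on variant:", signature_match(db, VARIANT))
    print("sequence features on variant:", dynamic_match(TRACE_KNOWN, TRACE_VARIANT))
    print("sequence features on benign:", dynamic_match(TRACE_KNOWN, TRACE_BENIGN))
```

The variant defeats the signature because both the hash and the byte pattern are tied to the exact bytes of the first sample, whereas its API-call bigrams overlap the known trace in 4 of 7 distinct bigrams (Jaccard 4/7), which is above the assumed threshold, and the benign trace shares none. A real engine would train the threshold and feature set on a labelled corpus rather than fix them by hand as done here.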
Classifications

- G—PHYSICS
  - G06—COMPUTING; CALCULATING; COUNTING
    - G06F—ELECTRICAL DIGITAL DATA PROCESSING
      - G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
          - G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
          - G06F21/55—Detecting local intrusion or implementing counter-measures
            - G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
            - G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
            - G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
              - G06F21/562—Static detection
                - G06F21/563—Static detection by source code analysis
              - G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
          - G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
            - G06F21/577—Assessing vulnerabilities and evaluating computer system security
      - G06F9/00—Arrangements for programme control, e.g. control unit
        - G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
          - G06F9/44—Arrangements for executing specific programmes
      - G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
        - G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
      - G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
          - G06F2221/2101—Auditing as a secondary aspect
      - G06F11/00—Error detection; Error correction; Monitoring
    - G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
      - G06N99/00—Subject matter not provided for in other groups of this subclass
      - G06N5/00—Computer systems utilising knowledge based models
        - G06N5/02—Knowledge representation
          - G06N5/022—Knowledge engineering, knowledge acquisition
    - G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
      - G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
Similar Documents

Publication | Title
---|---
Aryal et al. | A survey on adversarial attacks for malware analysis
Singh et al. | Detection of malicious software by analyzing the behavioral artifacts using machine learning algorithms
Fredrikson et al. | Synthesizing near-optimal malware specifications from suspicious behaviors
Mosli et al. | Automated malware detection using artifacts in forensic memory images
Kapravelos et al. | Revolver: An automated approach to the detection of evasive web-based malware
Eskandari et al. | HDM-Analyser: a hybrid analysis approach based on data mining techniques for malware detection
Poudyal et al. | Analysis of crypto-ransomware using ML-based multi-level profiling
Wang et al. | Jsdc: A hybrid approach for javascript malware detection and classification
Eskandari et al. | To incorporate sequential dynamic features in malware detection engines
Banin et al. | Multinomial malware classification via low-level features
EP2975873A1 (en) | A computer implemented method for classifying mobile applications and computer programs thereof
US20070094734A1 (en) | Malware mutation detector
Aslan et al. | Using a subtractive center behavioral model to detect malware
Carlin et al. | Dynamic analysis of malware using run-time opcodes
Mateless et al. | Decompiled APK based malicious code classification
Eskandari et al. | Frequent sub‐graph mining for intelligent malware detection
Singh et al. | Unveiling the veiled: An early stage detection of fileless malware
Tian | An integrated malware detection and classification system
Nadeem et al. | Intelligent malware defenses
Rozenberg et al. | A method for detecting unknown malicious executables
Yang et al. | Ransomware detection with CNN and deep learning based on multiple features of portable executable files
Poudyal | Multi-level analysis of Malware using Machine Learning
Crepaldi | Automatic malware signature generation
Bai et al. | Malware detection method based on dynamic variable length API sequence
Nix | Applying deep learning techniques to the analysis of Android APKs