Automated malware detection using artifacts in forensic memory images
Mosli et al., 2016 - Google Patents
- Document ID: 9572174861169331825
- Authors: Mosli R, Li R, Yuan B, Pan Y
- Publication year: 2016
- Publication venue: 2016 IEEE Symposium on Technologies for Homeland Security (HST)
Snippet
Malware is one of the greatest and most rapidly growing threats to the digital world. Traditional signature-based detection is no longer adequate to detect new variants and highly targeted malware. Furthermore, dynamic detection is often circumvented with anti-VM …
Classifications
- G—PHYSICS
  - G06—COMPUTING; CALCULATING; COUNTING
    - G06F—ELECTRICAL DIGITAL DATA PROCESSING
      - G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
          - G06F21/55—Detecting local intrusion or implementing counter-measures
            - G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
              - G06F21/562—Static detection
                - G06F21/563—Static detection by source code analysis

- G—PHYSICS
  - G06—COMPUTING; CALCULATING; COUNTING
    - G06F—ELECTRICAL DIGITAL DATA PROCESSING
      - G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
          - G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
            - G06F21/577—Assessing vulnerabilities and evaluating computer system security

- G—PHYSICS
  - G06—COMPUTING; CALCULATING; COUNTING
    - G06F—ELECTRICAL DIGITAL DATA PROCESSING
      - G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
          - G06F21/55—Detecting local intrusion or implementing counter-measures
            - G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action

- G—PHYSICS
  - G06—COMPUTING; CALCULATING; COUNTING
    - G06F—ELECTRICAL DIGITAL DATA PROCESSING
      - G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
          - G06F21/55—Detecting local intrusion or implementing counter-measures
            - G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting

- G—PHYSICS
  - G06—COMPUTING; CALCULATING; COUNTING
    - G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
      - G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
        - G06K9/62—Methods or arrangements for recognition using electronic means
          - G06K9/6267—Classification techniques
            - G06K9/6279—Classification techniques relating to the number of classes

- G—PHYSICS
  - G06—COMPUTING; CALCULATING; COUNTING
    - G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
      - G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
        - G06K9/62—Methods or arrangements for recognition using electronic means
          - G06K9/6217—Design or setup of recognition systems and techniques; Extraction of features in feature space; Clustering techniques; Blind source separation
            - G06K9/6228—Selecting the most significant subset of features

- G—PHYSICS
  - G06—COMPUTING; CALCULATING; COUNTING
    - G06F—ELECTRICAL DIGITAL DATA PROCESSING
      - G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
        - G06F17/30—Information retrieval; Database structures therefor; File system structures therefor

- G—PHYSICS
  - G06—COMPUTING; CALCULATING; COUNTING
    - G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
      - G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
        - G06K9/36—Image preprocessing, i.e. processing the image information without deciding about the identity of the image
          - G06K9/46—Extraction of features or characteristics of the image

- G—PHYSICS
  - G06—COMPUTING; CALCULATING; COUNTING
    - G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
      - G06N99/00—Subject matter not provided for in other groups of this subclass
        - G06N99/005—Learning machines, i.e. computer in which a programme is changed according to experience gained by the machine itself during a complete run

- G—PHYSICS
  - G06—COMPUTING; CALCULATING; COUNTING
    - G06F—ELECTRICAL DIGITAL DATA PROCESSING
      - G06F11/00—Error detection; Error correction; Monitoring

- G—PHYSICS
  - G06—COMPUTING; CALCULATING; COUNTING
    - G06F—ELECTRICAL DIGITAL DATA PROCESSING
      - G06F19/00—Digital computing or data processing equipment or methods, specially adapted for specific applications
        - G06F19/10—Bioinformatics, i.e. methods or systems for genetic or protein-related data processing in computational molecular biology
Similar Documents
Publication | Publication Date | Title
---|---|---
Mosli et al. | | Automated malware detection using artifacts in forensic memory images
US11423146B2 (en) | | Provenance-based threat detection tools and stealthy malware detection
Fan et al. | | Malicious sequential pattern mining for automatic malware detection
Xiaofeng et al. | | ASSCA: API sequence and statistics features combined architecture for malware detection
US20110041179A1 (en) | | Malware detection
Banin et al. | | Multinomial malware classification via low-level features
Rafiq et al. | | AndroMalPack: enhancing the ML-based malware classification by detection and removal of repacked apps for Android systems
Eskandari et al. | | To incorporate sequential dynamic features in malware detection engines
San et al. | | Malicious software family classification using machine learning multi-class classifiers
Hu et al. | | Scalable malware classification with multifaceted content features and threat intelligence
Naeem et al. | | Digital forensics for malware classification: An approach for binary code to pixel vector transition
Alshamrani | | Design and analysis of machine learning based technique for malware identification and classification of portable document format files
Ugarte-Pedrero et al. | | On the adoption of anomaly detection for packed executable filtering
Deepserish et al. | | PET-Droid: Android malware detection using static analysis
Soliman et al. | | Robust Malicious Executable Detection Using Host-Based Machine Learning Classifier
Nandagopal et al. | | Classification of Malware with MIST and N-Gram Features Using Machine Learning
Wang et al. | | PFESG: Permission-based android malware feature extraction algorithm
Bhooshan et al. | | Comprehensive Android malware detection: Leveraging machine learning and sandboxing techniques through static and dynamic analysis
Vijay et al. | | Android-based smartphone malware exploit prevention using a machine learning-based runtime detection system
Pradipta et al. | | Malware Classification Using Machine Learning and Dimension Reduction Techniques on PE File Data
Shashank et al. | | File based malware detection using ensemble method
Kinger et al. | | Malware analysis using machine learning techniques
Amin et al. | | Malware Classification using Dynamic Analysis with Deep Learning
Rabitoy | | Development and integration of machine learning and AI pattern recognition in malware detection: a quantitative and summative analysis of models
Kikelomo et al. | | Malware Detection System Using Mathematics of Random Forest Classifier