Pektaş et al., 2015 - Google Patents
Runtime-behavior based malware classification using online machine learning
- Document ID
- 1085461083542357386
- Author
- Pektaş A
- Acarman T
- Falcone Y
- Fernandez J
- Publication year
- Publication venue
- 2015 World Congress on Internet Security (WorldCIS)
Snippet
Identification of malware's family is an intricate process whose success and accuracy depend on different factors. These factors are mainly related to the process of extracting meaningful and distinctive features from a set of malware samples, modeling malware via its …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Error detection; Error correction; Monitoring responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/62—Methods or arrangements for recognition using electronic means
- G06K9/6217—Design or setup of recognition systems and techniques; Extraction of features in feature space; Clustering techniques; Blind source separation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/62—Methods or arrangements for recognition using electronic means
- G06K9/6267—Classification techniques
- G06K9/6268—Classification techniques relating to the classification paradigm, e.g. parametric or non-parametric approaches
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N99/00—Subject matter not provided for in other groups of this subclass
- G06N99/005—Learning machines, i.e. computer in which a programme is changed according to experience gained by the machine itself during a complete run
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2201/00—Indexing scheme relating to error detection, to error correction, and to monitoring
Similar Documents
| Publication | Title | Publication Date |
|---|---|---|
| Pektaş et al. | Classification of malware families based on runtime behaviors | |
| Surendran et al. | A TAN based hybrid model for android malware detection | |
| Pektaş et al. | Malware classification based on API calls and behaviour analysis | |
| Han et al. | SIGL: Securing software installations through deep graph learning | |
| Yang et al. | Malware detection in adversarial settings: Exploiting feature evolutions and confusions in android apps | |
| Kolosnjaji et al. | Deep learning for classification of malware system call sequences | |
| Huda et al. | Defending unknown attacks on cyber-physical systems by semi-supervised approach and available unlabeled data | |
| Dash et al. | Droidscribe: Classifying android malware based on runtime behavior | |
| Ghiasi et al. | Dynamic VSA: a framework for malware detection based on register contents | |
| EP2975873A1 (en) | A computer implemented method for classifying mobile applications and computer programs thereof | |
| US20220318387A1 (en) | Method and Computer for Learning Correspondence Between Malware and Execution Trace of the Malware | |
| Carlin et al. | A cost analysis of machine learning using dynamic runtime opcodes for malware detection | |
| Palahan et al. | Extraction of statistically significant malware behaviors | |
| Polino et al. | Jackdaw: Towards automatic reverse engineering of large datasets of binaries | |
| Feng et al. | Mace: High-coverage and robust memory analysis for commodity operating systems | |
| Thummapudi et al. | Detection of ransomware attacks using processor and disk usage data | |
| Pandiaraja et al. | A graph-based model for discovering host-based hook attacks | |
| US12475235B2 (en) | Generative cybersecurity exploit discovery and evaluation | |
| Faruki et al. | Behavioural detection with API call-grams to identify malicious PE files. | |
| Pektaş et al. | Runtime-behavior based malware classification using online machine learning | |
| Shah et al. | A survey on data mining approaches for dynamic analysis of malwares | |
| US11868473B2 (en) | Method for constructing behavioural software signatures | |
| US20210056076A1 (en) | High throughput embedding generation system for executable code and applications | |
| Sayadi et al. | On AI-Enabled Cybersecurity: Zero-Day Malware Detection | |
| CN114925363B (en) | Cloud online malicious software detection method based on recurrent neural network |