Lemmou et al., 2019 - Google Patents
Discriminating unknown software using distance modelLemmou et al., 2019
View PDF- Document ID
- 12618479211878219640
- Author
- Lemmou Y
- Le-Bouder H
- Lanet J
- Publication year
- Publication venue
- 2019 International Conference on Advanced Computer Science and information Systems (ICACSIS)
External Links
Snippet
Crypto-ransomware is a class of malware that encrypt their victim's data and only return the decryption key in exchange for a ransom. In a previous work, we have yet designed a solution able to detect any ciphering of files using statistical estimator. Once detected, a pop …
- 238000000034 method 0 abstract description 22
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2101—Auditing as a secondary aspect
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2201/00—Indexing scheme relating to error detection, to error correction, and to monitoring
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Scalas et al. | On the effectiveness of system API-related information for Android ransomware detection | |
| Maiorca et al. | R-PackDroid: API package-based characterization and detection of mobile ransomware | |
| Surendran et al. | A TAN based hybrid model for android malware detection | |
| Alsmadi et al. | A survey on malware detection techniques | |
| US8713681B2 (en) | System and method for detecting executable machine instructions in a data stream | |
| Herron et al. | Machine learning-based android malware detection using manifest permissions | |
| Almousa et al. | Api-based ransomware detection using machine learning-based threat detection models | |
| Singh et al. | Tracking concept drift in malware families | |
| CN105229612B (en) | The detection performed using the abnormal program of hardware based microarchitecture data | |
| Wang et al. | Jsdc: A hybrid approach for javascript malware detection and classification | |
| Banin et al. | Multinomial malware classification via low-level features | |
| US20100192222A1 (en) | Malware detection using multiple classifiers | |
| Zakeri et al. | A static heuristic approach to detecting malware targets | |
| Karbab et al. | Fingerprinting Android packaging: Generating DNAs for malware detection | |
| Najari et al. | Malware detection using data mining techniques | |
| Shahzad et al. | Detection of spyware by mining executable files | |
| Maleki et al. | An improved method for packed malware detection using PE header and section table information | |
| Alvi et al. | RansomGuard: a framework for proactive detection and mitigation of cryptographic windows ransomware | |
| Baychev et al. | Spearphishing malware: Do we really know the unknown? | |
| Rosli et al. | Ransomware behavior attack construction via graph theory approach | |
| Deepserish et al. | PET-Droid: Android malware detection using static analysis | |
| Javed et al. | Enhancing malware classification through dynamic behavioral analysis, SIEM integration, and deep learning | |
| Ninyesiga et al. | Malware classification using API system calls | |
| Nugraha et al. | Malware classification using machine learning algorithm | |
| Lemmou et al. | Discriminating unknown software using distance model |