Author: |
Chen, Chia-Mei, Lin, Ze-Yu, Ou, Ya-Hui, Lin, Jiunn-Wu |
Source: |
International Journal of Security and Networks; 2024, Vol. 19 Issue: 1 p20-30, 11p |
Abstract: |
Advanced persistent threat (APT) attacks take place every day, utilising stealthy and customised malware to disrupt the service or sabotage the network. Such advanced malware may subvert the defence mechanism by abusing process injection techniques provided by the operating system and injecting malicious code into a benign process. Some process injection techniques may be identified by static analysis, but some can only be discovered at run time. This study adopts deep learning models and two malware analysis approaches to detect process injection malware. By applying transfer learning, this study proposes a CNN-based detection model with the features selected from static and dynamic analysis to identify process-injection malware. The experimental results demonstrate that the proposed method could detect process-injection malware efficiently as well as unknown malware. |
Database: |
Supplemental Index |