Malware detection by meta-information of used system functions
Author: | Alexey Kirillov, Ludmila Babenko |
---|---|
Year of publication: | 2017 |
Subject: | 021110 strategic defence & security studies; Computer science; Feature vector; 0211 other engineering and technologies; k-means clustering; 02 engineering and technology; Static analysis; computer.software_genre; Set (abstract data type); Function pointer; 020204 information systems; 0202 electrical engineering electronic engineering information engineering; Key (cryptography); Malware; Data mining; Cluster analysis; computer |
Source: | SIN |
Description: | The method of detecting malicious software proposed in this paper makes it possible to detect malicious samples as a separate class, without reference to the specific features of a particular family. To solve this problem, we use a set of quantitative characteristics, developed on the basis of qualitative data on the test sample, obtained as a result of static and behavioral analysis of samples. At the same time, a key role in the formation of the feature space is played by meta-information about the system functions used, obtained as a result of behavioral analysis. According to the results of experimental studies, it was revealed that the error in the clustering of malware samples is up to 42% less than in competing classification methods. |
Database: | OpenAIRE |