Chi-squared distance and metamorphic virus detection
作者: Annie H. Toderici , Mark Stamp
DOI: 10.1007/S11416-012-0171-2
关键词: Speech recognition 、 Artificial intelligence 、 Morphing 、 Metamorphic virus 、 Hidden Markov model 、 Chi-square test 、 Computer science 、 Software 、 Pattern recognition 、 Metamorphic malware 、 Malware
摘要: Metamorphic malware changes its internal structure with each generation, while maintaining original behavior. Current commercial antivirus software generally scan for known signatures; therefore, they are not able to detect metamorphic that sufficiently morphs structure. Machine learning methods such as hidden Markov models (HMM) have shown promise detecting hacker-produced malware. However, previous research has it is possible evade HMM-based detection by carefully morphing content from benign files. In this paper, we combine HMM a statistical technique based on the chi-squared test build an improved method. We discuss our in detail and provide experimental evidence support claim of detection.
springer.com
core.ac.uk
acm.org
sci-hub.se 参考文章(21)
John Aycock, Computer Viruses and Malware (Advances in Information Security) Springer-Verlag New York, Inc.. ,(2006)
David M. Chess, Steve R. White, An Undetectable Computer Virus ,(2000)
James P. Egan, Signal detection theory and ROC analysis Academic Press. ,(1975)
Wing Wong, Suneuy Kim, Sami Khuri, ANALYSIS AND DETECTION OF METAMORPHIC COMPUTER VIRUSES ,(2006)
Mark Stamp, Information Security: Principles and Practices ,(2005)
Peter Szor, The Art of Computer Virus Research and Defense ,(2005)
Jean-Marie Borello, Ludovic Mé, Code obfuscation techniques for metamorphic viruses Journal in Computer Virology. ,vol. 4, pp. 211- 220 ,(2008) , 10.1007/S11416-008-0084-2
Jeremy Z. Kolter, Marcus A. Maloof, Learning to detect malicious executables in the wild knowledge discovery and data mining. pp. 470- 478 ,(2004) , 10.1145/1014052.1014105
Alfred V. Aho, Margaret J. Corasick, Efficient string matching: an aid to bibliographic search Communications of The ACM. ,vol. 18, pp. 333- 340 ,(1975) , 10.1145/360825.360855
Kaan Ataman, W. Nick Street, Yi Zhang, Learning to Rank by Maximizing AUC with Linear Programming international joint conference on neural network. pp. 123- 129 ,(2006) , 10.1109/IJCNN.2006.246669