An Enhanced Automated Signature Generation Algorithm for Polymorphic Malware Detection

Authors: Ming-Tian Zhou, Zhi-Hong Zuo, Ke Tang

DOI:

Keywords: Similarity (geometry), False positive rate, Metric (mathematics), Signature (logic), Computer science, Centroid, Algorithm, Mahalanobis distance, Malware, Cluster analysis

Abstract: Polymorphic malware is a security menace for computer network systems because hackers can use it to evade detection and launch stealthy attacks. In this paper, a novel enhanced automated signature generation (EASG) algorithm to detect polymorphic malware is proposed. EASG is composed of an enhanced expectation-maximum K-means clustering algorithm. In this algorithm, the fixed threshold value is replaced by a decision interval area, so the false positive ratio can be controlled at a low level while iterative operations and execution time are effectively reduced. Moreover, centroid updating is realized through a similarity metric based on Mahalanobis distance and incremental learning, and different groups of malware families are partitioned by this updating.
