Intelligent malware detection based on file relation graphs

Authors: Lingwei Chen, Tao Li, Melih Abdulhayoglu, Yanfang Ye

DOI: 10.1109/ICOSC.2015.7050784

Keywords: Internet security, Cloud computing security, Relation (database), Naive Bayes classifier, Machine learning, Artificial intelligence, Application programming interface, Malware, Computer science, Support vector machine, Data mining, Cryptovirology

Abstract: Due to its damage to Internet security, malware and its detection have caught the attention of both the anti-malware industry and researchers for decades. Many research efforts have been conducted on developing intelligent malware detection systems. In these systems, resting on the analysis of file contents extracted from the samples, like Application Programming Interface (API) calls, instruction sequences, and binary strings, data mining methods such as Naive Bayes and Support Vector Machines have been used for detection. However, driven by economic benefits, the diversity and sophistication of malware have significantly increased in recent years. Therefore, the anti-malware industry calls for much more novel methods which are capable of protecting users against new threats and are more difficult to evade. In this paper, other than file-content-based methods, we study how file relation graphs can be used for malware detection and propose a Belief Propagation algorithm based on the constructed graphs to detect newly unknown malware. A comprehensive experimental study on a real and large collection from Comodo Cloud Security Center is performed to compare various detection approaches. Promising results demonstrate that the accuracy and efficiency of our proposed method outperform alternate techniques.
