Computer Security and Machine Learning: Worst Enemies or Best Friends?

Author: Konrad Rieck

DOI: 10.1109/SYSSEC.2011.16

Keywords:

Abstract: Computer systems linked to the Internet are confronted with a plethora of security threats, ranging from classic computer worms to involved drive-by downloads and bot networks. In the last years these threats have reached a new quality of automatization and sophistication, rendering most defenses ineffective. Conventional security measures that rely on the manual analysis of incidents and attack development inherently fail to provide timely protection from these threats. As a consequence, computer systems often remain unprotected over longer periods of time. The field of machine learning has been considered an ideal match for this problem, as learning methods offer the ability to automatically analyze data and support the early detection of threats. However, only few research efforts have produced practical results so far, and there is notable skepticism in the security community about learning-based defenses. In this paper, we reconsider the problems, challenges and advantages of combining machine learning and security. We identify factors critical for the efficacy and acceptance of learning-based defenses and present directions and perspectives for successfully linking both fields, with the aim of fostering intelligent security methods.

References (17)
Jose Nazario. PhoneyC: a virtual client honeypot. USENIX Conference on Large-Scale Exploits and Emergent Threats (LEET), p. 6, 2009.
Christopher Kruegel, Giovanni Vigna, Federico Maggi, William K. Robertson. Effective Anomaly Detection with Scarce Training Data. Network and Distributed System Security Symposium (NDSS), pp. 1–16, 2010.
Angelos D. Keromytis, Salvatore J. Stolfo, Yingbo Song. Spectrogram: A Mixture-of-Markov-Chains Model for Anomaly Detection in Web Traffic. Network and Distributed System Security Symposium (NDSS), pp. 121–135, 2009. DOI: 10.7916/D86W9K09
Yingbo Song, Michael E. Locasto, Angelos Stavrou, Angelos D. Keromytis, Salvatore J. Stolfo. On the infeasibility of modeling polymorphic shellcode. Machine Learning, vol. 81, pp. 179–205, 2010. DOI: 10.1007/S10994-009-5143-5
Konrad Rieck, Philipp Trinius, Carsten Willems, Thorsten Holz. Automatic analysis of malware behavior using machine learning. Journal of Computer Security, vol. 19, pp. 639–668, 2011. DOI: 10.3233/JCS-2010-0410
Ulrich Bayer, Paolo Milani Comparetti, Clemens Hlauschek, Christopher Kruegel, Engin Kirda. Scalable, behavior-based malware clustering. Network and Distributed System Security Symposium (NDSS), 2009.
Marco Cova, Christopher Kruegel, Giovanni Vigna. Detection and analysis of drive-by-download attacks and malicious JavaScript code. The Web Conference (WWW), pp. 281–290, 2010. DOI: 10.1145/1772690.1772720
Robin Sommer, Vern Paxson. Outside the Closed World: On Using Machine Learning for Network Intrusion Detection. IEEE Symposium on Security and Privacy, pp. 305–316, 2010. DOI: 10.1109/SP.2010.25
Konrad Rieck, Tammo Krueger, Andreas Dewald. Cujo: efficient detection and prevention of drive-by-download attacks. Annual Computer Security Applications Conference (ACSAC), pp. 31–39, 2010. DOI: 10.1145/1920261.1920267
R. Perdisci, D. Dagon, Wenke Lee, P. Fogla, M. Sharif. Misleading worm signature generators using deliberate noise injection. IEEE Symposium on Security and Privacy, pp. 17–31, 2006. DOI: 10.1109/SP.2006.26