Valkyrie: Behavioral malware detection using global kernel-level telemetry data

Authors: Sven Krasser, Brett Meyer, Patrick Crenshaw

DOI: 10.1109/MLSP.2015.7324334

Keywords:

Abstract: The growth in malware remains a major challenge to Internet security. In this paper, we present Valkyrie, a classification system that is able to identify malicious binaries purely based on behavioral traits gathered from large-scale telemetry submitted by end hosts using a lightweight sensor component. Valkyrie utilizes the Apache Spark data processing framework and can therefore process a large volume of real-world data in a short amount of time. In addition, since it conducts all of its heavy computation in the cloud, it imposes minimal load on endpoints. It achieves high-confidence predictions at a very low false positive rate, making it a suitable solution for use with production systems.
