Mining distinguishing patterns based on malware traces

Authors: Xiaoyan Sun, Qian Huang, Yuefei Zhu, Ning Guo

DOI: 10.1109/ICCSIT.2010.5565105

Abstract: The automatic generation of malicious behavior pattern based on system call trace is important to malware detection. This paper studied the existing method specification. In order reduce complexity generation, it constructs graph which vertex label unique, and uses these graphs mine pattern. To address issue limitation minimal contrast subgraph mining method, multiple positive negative samples, proposes a distinguishing patterns mutual information. It designs overall framework process, gives algorithm. Finally, validation results demonstrate effectiveness.

References (12)
Li Xian. An Efficient Frequent Subgraph Mining Algorithm. Journal of Software (2007).
James Bailey, Roger Ming Hieng Ting. Mining Minimal Contrast Subgraph Patterns. SIAM International Conference on Data Mining, pp. 639-643 (2006).
Konrad Rieck, Thorsten Holz, Carsten Willems, Patrick Düssel, Pavel Laskov. Learning and Classification of Malware Behavior. International Conference on Detection of Intrusions and Malware and Vulnerability Assessment, pp. 108-125 (2008). DOI: 10.1007/978-3-540-70542-0_6
Zhiping Zeng, Jianyong Wang, Lizhu Zhou. Efficient mining of minimal distinguishing subgraph patterns from graph databases. Knowledge Discovery and Data Mining, pp. 1062-1068 (2008). DOI: 10.1007/978-3-540-68125-0_114
Asaf Shabtai, Robert Moskovitch, Yuval Elovici, Chanan Glezer. Detection of malicious code by applying machine learning classifiers on static features: A state-of-the-art survey. Information Security Technical Report, vol. 14, pp. 16-29 (2009). DOI: 10.1016/J.ISTR.2009.03.003
Yong Liu, Jianzhong Li, Jinghua Zhu. A Novel Graph Classification Approach Based on Frequent Closed Emerging Patterns. Journal of Computer Research and Development, vol. 44, pp. 1169- (2007). DOI: 10.1360/CRAD20070711
Carsten Willems, Thorsten Holz, Felix Freiling. Toward Automated Dynamic Malware Analysis Using CWSandbox. IEEE Symposium on Security and Privacy, vol. 5, pp. 32-39 (2007). DOI: 10.1109/MSP.2007.45
Grégoire Jacob, Hervé Debar, Eric Filiol. Behavioral detection of malware: from a survey towards an established taxonomy. Journal in Computer Virology, vol. 4, pp. 251-266 (2008). DOI: 10.1007/S11416-008-0086-0
Michael Bailey, Jon Oberheide, Jon Andersen, Z Morley Mao, Farnam Jahanian, Jose Nazario. Automated classification and analysis of internet malware. Recent Advances in Intrusion Detection, pp. 178-197 (2007). DOI: 10.1007/978-3-540-74320-0_10
Johannes Kinder, Stefan Katzenbeisser, Christian Schallhart, Helmut Veith. Detecting malicious code by model checking. International Conference on Detection of Intrusions and Malware and Vulnerability Assessment, pp. 174-187 (2005). DOI: 10.1007/11506881_11