Deep Analysis and Utilization of Malware’s Social Relation Network for Its Detection

Authors: Shifu Hou, Lingwei Chen, Yanfang Ye, Lifei Chen

DOI: 10.1007/978-3-319-69781-9_4

Keywords:

Abstract: To combat the evolving malware attacks, many research efforts have been conducted on developing intelligent malware detection systems. Most existing systems rest on the analysis of file contents extracted from the file samples (e.g., binary n-grams, system calls), to which data mining techniques such as classification and clustering are applied for detection. However, ignoring the social relations among these file samples (i.e., utilizing file contents only) is a significant limitation of such methods. In this paper, (1) instead of using file contents extracted from the collected samples, we conduct a deep analysis of the file relation network to study how it can be used for malware detection; (2) based on the constructed file relation graph, we perform large-scale inference by propagating information from the labeled samples (either benign or malicious) to detect newly unknown malware. A comprehensive experimental study on a large collection of file samples obtained from the Comodo Cloud Security Center is performed to compare various detection approaches. Promising results demonstrate that the accuracy and efficiency of our proposed method outperform other alternate content-based data mining detection techniques.
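The abstract describes the two steps of the approach: build a file relation graph from the collected samples, then infer labels for unknown files by propagating information from the benign and malicious seeds. The following is an added illustration of that idea and is not code from the paper or its authors. It uses a simple weighted label propagation (unlabeled files take the degree-normalised average of their neighbours' scores, seeds stay clamped) as a stand-in for the paper's own large-scale inference, whose exact formulation is not given on this page; the machine/file data, file names, seed labels and the 0.3 decision threshold are all constructed for the example.

```python
"""Label propagation over a file relation graph (added illustration).

Files that are observed together on the same client machines are linked;
known-benign and known-malicious seeds push their labels across those links
so that unknown files inherit a verdict from the company they keep.
"""
from collections import defaultdict
from itertools import combinations

# Constructed sample: which files were observed together on which machines.
# Hypothetical data, not from the Comodo collection referenced by the paper.
MACHINE_FILES = {
    "m1": {"kernel32.dll", "notepad.exe", "updater.exe"},
    "m2": {"kernel32.dll", "notepad.exe"},
    "m3": {"dropper.exe", "payload.dll", "unknown_a.exe"},
    "m4": {"dropper.exe", "unknown_a.exe", "kernel32.dll"},
    "m5": {"payload.dll", "unknown_a.exe"},
    "m6": {"kernel32.dll", "unknown_b.exe", "notepad.exe"},
}

# Seed labels from a prior scan: +1.0 = malicious, -1.0 = benign.
# Files absent from this dict are the unknowns we want to classify.
SEED_LABELS = {
    "dropper.exe": 1.0,
    "payload.dll": 1.0,
    "notepad.exe": -1.0,
    "updater.exe": -1.0,
}


def build_file_graph(machine_files):
    """Weighted undirected file-file graph.

    Edge weight = number of machines on which both files co-occur.
    """
    graph = defaultdict(lambda: defaultdict(float))
    for files in machine_files.values():
        for a, b in combinations(sorted(files), 2):
            graph[a][b] += 1.0
            graph[b][a] += 1.0
    return {node: dict(nbrs) for node, nbrs in graph.items()}


def propagate_labels(graph, seeds, max_iter=1000, tol=1e-9):
    """Jacobi-style label propagation.

    Seeds keep their score; every unlabeled node is repeatedly set to the
    weight-normalised mean of its neighbours' scores until the largest
    per-node change drops below `tol`.  Normalising by the node's total
    edge weight keeps hub files (e.g. a system DLL present on every
    machine) from being pulled to either side by a single noisy edge.
    """
    scores = {node: 0.0 for node in graph}
    scores.update(seeds)
    unlabeled = [n for n in graph if n not in seeds]
    for _ in range(max_iter):
        new_scores = dict(scores)
        delta = 0.0
        for node in unlabeled:
            nbrs = graph[node]
            total_w = sum(nbrs.values())
            if total_w == 0.0:
                continue  # isolated file: nothing to infer from
            val = sum(w * scores[v] for v, w in nbrs.items()) / total_w
            delta = max(delta, abs(val - scores[node]))
            new_scores[node] = val
        scores = new_scores
        if delta < tol:
            break
    return scores


def classify(scores, seeds, threshold=0.3):
    """Turn propagated scores into verdicts for the non-seed files."""
    verdicts = {}
    for node, s in scores.items():
        if node in seeds:
            continue
        if s >= threshold:
            verdicts[node] = "malicious"
        elif s <= -threshold:
            verdicts[node] = "benign"
        else:
            verdicts[node] = "undecided"
    return verdicts


def run_demo():
    graph = build_file_graph(MACHINE_FILES)
    scores = propagate_labels(graph, SEED_LABELS)
    return scores, classify(scores, SEED_LABELS)


if __name__ == "__main__":
    demo_scores, demo_verdicts = run_demo()
    for name in sorted(demo_verdicts):
        print(f"{name:15s} score={demo_scores[name]:+.3f} -> {demo_verdicts[name]}")
```

On the constructed data, unknown_a.exe sits between the two malicious seeds and ends near +0.71, unknown_b.exe appears only next to benign software and ends near -0.71, while kernel32.dll, which co-occurs with everything, lands mildly benign because most of its edge weight points at benign seeds. That last case is the caveat a practitioner should keep in mind: ubiquitous files bridge benign and malicious clusters, and without degree normalisation (or dropping very-high-degree nodes before propagation) they leak malicious evidence into the benign side of the graph.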
