Si et al., 2022 - Google Patents
Malware detection using automated generation of yara rules on dynamic features
- Document ID
- 14418920674016683087
- Author
- Si Q
- Xu H
- Tong Y
- Zhou Y
- Liang J
- Cui L
- Hao Z
- Publication year
- Publication venue
- International Conference on Science of Cyber Security
Snippet
With the explosive growth of malware and its variants, automated malware detection is a hot topic in security. In this paper, we propose a malware detection method based on automated Yara rule generation on dynamic behaviors, mainly aiming to improve malware detection in …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30861—Retrieval from the Internet, e.g. browsers
- G06F17/30864—Retrieval from the Internet, e.g. browsers by querying, e.g. search engines or meta-search engines, crawling techniques, push systems
- G06F17/30867—Retrieval from the Internet, e.g. browsers by querying, e.g. search engines or meta-search engines, crawling techniques, push systems with filtering and personalisation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N5/00—Computer systems utilising knowledge based models
- G06N5/02—Knowledge representation
- G06N5/022—Knowledge engineering, knowledge acquisition
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N99/00—Subject matter not provided for in other groups of this subclass
- G06N99/005—Learning machines, i.e. computer in which a programme is changed according to experience gained by the machine itself during a complete run
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2145—Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/36—Image preprocessing, i.e. processing the image information without deciding about the identity of the image
- G06K9/46—Extraction of features or characteristics of the image
Similar Documents
| Publication | Title | Publication Date |
|---|---|---|
| Liu et al. | Deep learning for android malware defenses: a systematic literature review | |
| Wu et al. | A survey of android malware static detection technology based on machine learning | |
| Meijin et al. | A systematic overview of android malware detection | |
| Bazrafshan et al. | A survey on heuristic malware detection techniques | |
| Ali et al. | Deep learning methods for malware and intrusion detection: A systematic literature review | |
| Hussain et al. | Malware detection using machine learning algorithms for windows platform | |
| Ye et al. | Hierarchical associative classifier (HAC) for malware detection from the large and imbalanced gray list | |
| Si et al. | Malware detection using automated generation of yara rules on dynamic features | |
| Abdullah et al. | Empirical study on intelligent android malware detection based on supervised machine learning | |
| Aldriwish | A Deep Learning Approach for Malware and Software Piracy Threat Detection | |
| Jerbi et al. | Android malware detection as a bi-level problem | |
| Dahiya et al. | Android malware analysis and detection: A systematic review | |
| Bai et al. | A malware and variant detection method using function call graph isomorphism | |
| Takahashi et al. | Android application analysis using machine learning techniques | |
| Motiur Rahman et al. | StackDroid: Evaluation of a multi-level approach for detecting the malware on android using stacked generalization | |
| Jyothish et al. | Effectiveness of machine learning based android malware detectors against adversarial attacks | |
| Chen et al. | Predicting Android malware combining permissions and API call sequences | |
| Feng et al. | BejaGNN: behavior-based Java malware detection via graph neural network: P. Feng et al. | |
| Zyout et al. | Malware classification approaches utilizing binary and text encoding of permissions | |
| Ravi et al. | Static Malware Analysis using ELF features for Linux based IoT devices | |
| Gupta et al. | Deep learning approach for malicious url detection using cnn, rnn, lstm and bi-lstm models | |
| Alquliti et al. | Evaluating Explanation Quality in X-IDS Using Feature Alignment Metrics | |
| Viţel et al. | Detection of msoffice-embedded malware: Feature mining and short-vs. long-term performance | |
| Si¹ et al. | Malware Detection Using Automated Generation of Yara Rules on Dynamic | |
| Vanusha et al. | SecuDroid: android malware detection using ML classifier on static features |