Zaharin et al., 2021 - Google Patents
Malware Classification Based on System CallZaharin et al., 2021
View PDF- Document ID
- 3215080010809778152
- Author
- Zaharin M
- Shariff S
- Publication year
- Publication venue
- International Visual Informatics Conference
External Links
Snippet
It has always been a never-ending battle between security analysts and malware developers due to the complexity of malware changing as quickly as innovation grows. Current research focuses on the application of machine learning techniques for malware …
- 238000001514 detection method 0 abstract description 61
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2101—Auditing as a secondary aspect
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N99/00—Subject matter not provided for in other groups of this subclass
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Gibert et al. | The rise of machine learning for detection and classification of malware: Research developments, trends and challenges | |
| Scalas et al. | On the effectiveness of system API-related information for Android ransomware detection | |
| Gassais et al. | Multi-level host-based intrusion detection system for Internet of things | |
| US11423146B2 (en) | Provenance-based threat detection tools and stealthy malware detection | |
| Bernardi et al. | Dynamic malware detection and phylogeny analysis using process mining | |
| Chumachenko | Machine learning methods for malware detection and classification | |
| CN105229612B (en) | The detection performed using the abnormal program of hardware based microarchitecture data | |
| Roseline et al. | A comprehensive survey of tools and techniques mitigating computer and mobile malware attacks | |
| Banin et al. | Multinomial malware classification via low-level features | |
| Rani et al. | Machine learning aided malware detection for secure and smart manufacturing: a comprehensive analysis of the state of the art | |
| Narouei et al. | DLLMiner: structural mining for malware detection | |
| Ahmed et al. | Peeler: Profiling kernel-level events to detect ransomware | |
| LeDoux et al. | Malware and machine learning | |
| Zakeri et al. | A static heuristic approach to detecting malware targets | |
| Aslan et al. | Using a subtractive center behavioral model to detect malware | |
| Downing et al. | {DeepReflect}: Discovering malicious functionality through binary reconstruction | |
| Rani et al. | A survey on machine learning-based ransomware detection | |
| Yang et al. | Droidward: an effective dynamic analysis method for vetting android applications | |
| Tchakounté et al. | LimonDroid: a system coupling three signature-based schemes for profiling Android malware | |
| Pandiaraja et al. | A graph-based model for discovering host-based hook attacks | |
| Brezinski et al. | Metamorphic malware and obfuscation: a survey of techniques, variants, and generation kits | |
| Chew et al. | Real-time system call-based ransomware detection | |
| Bragen | Malware detection through opcode sequence analysis using machine learning | |
| Oh et al. | volGPT: Evaluation on triaging ransomware process in memory forensics with Large Language Model | |
| Baychev et al. | Spearphishing malware: Do we really know the unknown? |