Chandran et al., 2025 - Google Patents
From static to ai-driven detection: A comprehensive review of obfuscated malware techniquesChandran et al., 2025
View PDF- Document ID
- 5876486486047573148
- Author
- Chandran S
- Syam S
- Sankaran S
- Pandey T
- Achuthan K
- Publication year
- Publication venue
- IEEE Access
External Links
Snippet
The frequency of cyber attacks targeting individuals, businesses, and organizations globally has escalated in recent years. The evolution of obfuscated malware, designed to evade detection, has been unprecedented, employing new and sophisticated mechanisms to …
- 238000001514 detection method 0 title abstract description 173
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N99/00—Subject matter not provided for in other groups of this subclass
- G06N99/005—Learning machines, i.e. computer in which a programme is changed according to experience gained by the machine itself during a complete run
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N5/00—Computer systems utilising knowledge based models
- G06N5/02—Knowledge representation
- G06N5/022—Knowledge engineering, knowledge acquisition
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Urooj et al. | Ransomware detection using the dynamic analysis and machine learning: A survey and research directions | |
| Gaber et al. | Malware detection with artificial intelligence: A systematic literature review | |
| Rani et al. | Machine learning aided malware detection for secure and smart manufacturing: a comprehensive analysis of the state of the art | |
| Raju et al. | A survey on cross-architectural IoT malware threat hunting | |
| Ali et al. | Deep learning methods for malware and intrusion detection: A systematic literature review | |
| Ferdous et al. | AI-based ransomware detection: A comprehensive review | |
| Saqib et al. | A comprehensive analysis of explainable AI for malware hunting | |
| Banin et al. | Multinomial malware classification via low-level features | |
| Uysal et al. | Data-driven malware detection for 6G networks: A survey from the perspective of continuous learning and explainability via visualisation | |
| Chandran et al. | From static to ai-driven detection: A comprehensive review of obfuscated malware techniques | |
| Baghirov | A comprehensive investigation into robust malware detection with explainable AI | |
| Oh et al. | volGPT: Evaluation on triaging ransomware process in memory forensics with Large Language Model | |
| Wei et al. | Toward identifying APT malware through API system calls | |
| Mail et al. | Malware detection system using cloud sandbox, machine learning | |
| Gurukala et al. | Feature selection using particle swarm optimization and ensemble-based machine learning models for ransomware detection | |
| Singh et al. | Static malware analysis using machine and deep learning | |
| Ning et al. | A survey of detection methods research on living-off-the-land techniques | |
| Mehedi et al. | DySec: a machine learning-based dynamic analysis for detecting malicious packages in PyPI ecosystem | |
| Korkin et al. | Acceleration of statistical detection of zero-day malware in the memory dump using CUDA-enabled GPU hardware | |
| Boodai et al. | Deep learning for malware detection: Literature review | |
| Thangapandian | Machine learning in automated detection of ransomware: Scope, benefits and challenges | |
| Phung et al. | JSMBox—A runtime monitoring framework for analyzing and classifying malicious JavaScript | |
| Nadeem et al. | Intelligent malware defenses | |
| Alazab et al. | Malicious code detection using penalized splines on OPcode frequency | |
| Tian | An integrated malware detection and classification system |