Fan et al., 2023 - Google Patents
Enhancing the Explainability of Deep Learning Based Malware Detection System
Fan et al., 2023
- Document ID
- 9304533686804878121
- Author
- Fan H
- Yang Y
- Lin C
- Li Q
- Publication year
- Publication venue
- 2023 9th Annual International Conference on Network and Information Systems for Computers (ICNISC)
Snippet
With the rapid development of deep learning, deep learning-based malware detection has received increasing attention because of its advantage of not relying on domain knowledge. The research community has proposed some rudimentary methods to enhance the …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/3061—Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
- G06F17/30634—Querying
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/3061—Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
- G06F17/30613—Indexing
- G06F17/30619—Indexing indexing structures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30943—Information retrieval; Database structures therefor; File system structures therefor details of database functions independent of the retrieved data type
- G06F17/30964—Querying
- G06F17/30979—Query processing
- G06F17/30985—Query processing by using string matching techniques
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30861—Retrieval from the Internet, e.g. browsers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30286—Information retrieval; Database structures therefor; File system structures therefor in structured data stores
- G06F17/30386—Retrieval requests
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N99/00—Subject matter not provided for in other groups of this subclass
- G06N99/005—Learning machines, i.e. computer in which a programme is changed according to experience gained by the machine itself during a complete run
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N5/00—Computer systems utilising knowledge based models
- G06N5/02—Knowledge representation
- G06N5/022—Knowledge engineering, knowledge acquisition
- G06N5/025—Extracting rules from data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/62—Methods or arrangements for recognition using electronic means
- G06K9/6267—Classification techniques
- G06K9/6279—Classification techniques relating to the number of classes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N7/00—Computer systems based on specific mathematical models
- G06N7/005—Probabilistic networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Moh et al. | | Detecting web attacks using multi-stage log analysis |
Levshun et al. | | A survey on artificial intelligence techniques for security event correlation: models, challenges, and opportunities |
Ferrag et al. | | Generative ai and large language models for cyber security: All insights you need |
Irshad et al. | | Cyber threat attribution using unstructured reports in cyber threat intelligence |
Rehman et al. | | Flash: A comprehensive approach to intrusion detection via provenance graph representation learning |
Zhang et al. | | Webshell traffic detection with character-level features based on deep learning |
Falor et al. | | A deep learning approach for detection of SQL injection attacks using convolutional neural networks |
US20240045956A1 (en) | | Malicious source code detection |
Wang et al. | | Static analysis of source code vulnerability using machine learning techniques: A survey |
Ma et al. | | A novel model for anomaly detection in network traffic based on support vector machine and clustering |
De La Torre-Abaitua et al. | | On the application of compression-based metrics to identifying anomalous behaviour in web traffic |
Mao et al. | | Explainable software vulnerability detection based on attention-based bidirectional recurrent neural networks |
CN119030787B (en) | | Security protection method, device and storage medium based on network threat intelligence analysis |
Lakshmana Kumar et al. | | An automatic anomaly application detection system in mobile devices using FL-HTR-DBN and SKLD-SED K means algorithms |
Hussain et al. | | Vulnerability detection in Java source code using a quantum convolutional neural network with self-attentive pooling, deep sequence, and graph-based hybrid feature extraction |
Rozi et al. | | Securing Code with Context: Enhancing Vulnerability Detection through Contextualized Graph Representations |
CN119011251A (en) | | Network security threat perception recognition response method based on security knowledge graph |
Li et al. | | PipCKG-BS: A Method to Build Cybersecurity Knowledge Graph for Blockchain Systems via the Pipeline Approach |
Fan et al. | | Enhancing the Explainability of Deep Learning Based Malware Detection System |
Sun et al. | | GNN-IDS: Graph Neural Network based Intrusion Detection System |
Khatun et al. | | An Approach to Detect Phishing Websites with Features Selection Method and Ensemble Learning |
Huy-Trung et al. | | Anomaly detection in internet of things based on logs using machine learning and deep learning techniques |
Li et al. | | IDS-Agent: An LLM Agent for Explainable Intrusion Detection in IoT Networks |
CN117540367A (en) | | An attack investigation method based on behavioral sequences and language models |
Ussatova et al. | | Designing a vulnerability threat detection scanner with the use of machine learning models |