Bumanglag, 2022 - Google Patents
An Application of Machine Learning to Analysis of Packed Mac Malware
- Document ID
- 9665805203864608940
- Author
- Bumanglag K
- Publication year
Snippet
The macOS operating system is increasingly targeted by malware. Software written for macOS, both benign and malicious, is in the Mach-O executable format. Malware authors may frustrate analysts through obfuscation methods such as packing. The field of malware …
Classifications

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30067—File systems; File servers
- G06F17/30129—Details of further file system functionalities
- G06F17/30144—Details of monitoring file system events, e.g. by the use of hooks, filter drivers, logs

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2101—Auditing as a secondary aspect

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F19/00—Digital computing or data processing equipment or methods, specially adapted for specific applications

- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
Similar Documents
| Publication | Title | Publication Date |
|---|---|---|
| Oz et al. | A survey on ransomware: Evolution, taxonomy, and defense solutions | |
| Sejfia et al. | Practical automated detection of malicious npm packages | |
| Fernando et al. | A study on the evolution of ransomware detection using machine learning and deep learning techniques | |
| Scalas et al. | On the effectiveness of system API-related information for Android ransomware detection | |
| Chumachenko | Machine learning methods for malware detection and classification | |
| Ferdous et al. | AI-based ransomware detection: A comprehensive review | |
| Tariq et al. | An effective self-configurable ransomware prevention technique for IOMT | |
| Oh et al. | volGPT: Evaluation on triaging ransomware process in memory forensics with Large Language Model | |
| Cao et al. | What the fork? finding and analyzing malware in github forks | |
| Kirubavathi et al. | Behavioral based detection of android ransomware using machine learning techniques | |
| Grégio et al. | An ontology of suspicious software behavior | |
| de Lima et al. | Artificial intelligence-based antivirus in order to detect malware preventively | |
| Alzahrani et al. | A survey of ransomware detection methods | |
| Deore et al. | MDFRCNN: Malware detection using faster region proposals convolution neural network | |
| Praveen | A comparative analysis of malware written in the C and rust programming languages | |
| Rosli et al. | Ransomware behavior attack construction via graph theory approach | |
| Baychev et al. | Spearphishing malware: Do we really know the unknown? | |
| Ezeonwu et al. | Comparative analysis of machine learning classifiers for fileless malware detection | |
| Bumanglag | An Application of Machine Learning to Analysis of Packed Mac Malware | |
| US12368731B2 (en) | Cyber threat information processing apparatus, cyber threat information processing method, and storage medium storing cyber threat information processing program | |
| Edwards et al. | On exploring the sub-domain of artificial intelligence (AI) model forensics | |
| Gagulic et al. | Ransomware detection with machine learning in storage systems | |
| Fraley | Improved detection for advanced polymorphic malware | |
| Moussaileb | Log analysis for malicious software detection | |
| Gobbi et al. | GENIE: guarding the npm ecosystem with semantic malware detection |