nach oben

Automatic Control and Computer Sciences

Erschienen in:

01.12.2022

Detecting Malicious Executable Files Based on Static–Dynamic Analysis Using Machine Learning

verfasst von: R. A. Ognev, E. V. Zhukovskii, D. P. Zegzhda, A. N. Kiselev

Erschienen in: Automatic Control and Computer Sciences | Ausgabe 8/2022

Einloggen, um Zugang zu erhalten

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

In current operating systems, executable files are used to solve various problems, which in turn can be either benign (perform only necessary actions) or malicious (the main purpose of which is to perform destructive actions in relation to the system). Thus, malware is a program used for unauthorized access to information and/or impact on information or resources of an automated information system. Here, the problem of determining the types of executable files and detecting malware is solved.

Vorheriger Artikel Trust Evaluation Problems in Big Data Analytics

Nächster Artikel Bank Fraud Detection with Graph Neural Networks

Idika, N. and Mathur, A.P., A survey of malware detection techniques, Purdue Univ., 2007.

Fatin, A.D., Pavlenko, E.Yu., and Poltavtseva, M.A., A survey of mathematical methods for security analysis of cyberphysical systems, Autom. Control Comput. Sci., 2020, vol. 54, no. 8, pp. 983–987. https://doi.org/10.3103/S014641162008012XCrossRef

Witte, T.N., Phantom malware: conceal malicious actions from malware detection techniques by imitating user activity, IEEE Access, 2020, vol. 8, pp. 164428–164452. https://doi.org/10.1109/ACCESS.2020.3021743CrossRef

Tian, R., Islam, R., Batten, L., and Versteeg, S., Differentiating malware from cleanware using behavioural analysis, 5th Int. Conf. on Malicious and Unwanted Software, Nancy, France, 2010, IEEE, 2010, pp. 23–30. https://doi.org/10.1109/MALWARE.2010.5665796

Kalinin, M.O., Krundyshev, V.M., Rezedinova, E.Yu., and Reshetov, D.V., Hierarchical software-defined security management for large-scale dynamic networks, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 906–911. https://doi.org/10.3103/S014641161808014XCrossRef

Salehi, Z., Ghiasi, M., and Sami, A., A miner for malware detection based on API function calls and their arguments, The 16th CSI Int. Symp. on Artificial Intelligence and Signal Processing (AISP 2012), Shiraz, Iran, 2012, IEEE, 2012, pp. 563–568. https://doi.org/10.1109/AISP.2012.6313810

Popova, E.A. and Platonov, V.V., Reduction of the number of analyzed parameters in network attack detection systems, Autom. Control Comput. Sci., 2020, vol. 54, no. 8, pp. 907–914. https://doi.org/10.3103/S0146411620080295CrossRef

Anderson, B., Quist, D., Neil, J., Storlie, C., and Lane, T., Graph-based malware detection using dynamic analysis, J. Comput. Virol., 2011, vol. 7, pp. 247–258. https://doi.org/10.1007/s11416-011-0152-xCrossRef

Damodaran, A., Di Troia, F., Visaggio, C.A., Austin, T.H., and Stamp, M., A comparison of static, dynamic, and hybrid analysis for malware detection, J. Comput. Virol. Hacking Tech., 2017, vol. 13, pp. 1–12. https://doi.org/10.1007/s11416-015-0261-zCrossRef

10.

Altaher, A., Supriyanto, Almomani, A., Anbar, M., and Ramadass, S., Malware detection based on evolving clustering method for classification, Sci. Res. Essays, 2012, vol. 7, no. 22, pp. 2031–2036. https://doi.org/10.5897/SRE12.001CrossRef

11.

Amer, E. and Zelinka, I., A dynamic windows malware detection and prediction method based on contextual understanding of API call sequence, Comput. Secur., 2020, vol. 92, p. 101760. https://doi.org/10.1016/j.cose.2020.101760CrossRef

12.

Kalinin, M.O. and Krundyshev, V.M., Computational intelligence technologies stack for protecting the critical digital infrastructures against security intrusions, Fifth World Conf. on Smart Trends in Systems Security and Sustainability (WorldS4), London, 2021, IEEE, 2021, pp. 118–122. https://doi.org/10.1109/WorldS451998.2021.9514004

13.

Endgame Malware BEnchmark for Research, 2018. https://github.com/elastic/ember.

14.

O’Connel, R., Binary hashing: Motivations and algorithms, 2019. https://www.riverloopsecurity.com/blog/ 2019/11/binary-hashing-intro. Cited October 11, 2021.

15.

Busygin, A. and Kalinin, M. Criterion of blockchain vulnerability to majority attack based on hashing power distribution assessment, Futuristic Trends in Network and Communication Technologies. FTNCT 2020, Singh, P.K., Veselov, G., Vyatkin, V., Pljonkin, A., Dodero, J.M., and Kumar, Y., Eds., Communications in Computer and Information Science, vol. 1395. Singapore: Springer, 2020, pp. 68–77. https://doi.org/10.1007/978-981-16-1480-4_6

16.

Koret, J., A new control flow graph based heuristic for Diaphora, 2018. http://joxeankoret.com/blog/2018/ 11/04/new-cfg-based-heuristic-diaphora.

17.

Diaphora, 2020. https://github.com/joxeankoret/diaphora.

18.

An implementation of the Koret–Karamitas (KOKA) CFGs hashing algorithm, 2019. https://github.com/ j-oxeankoret/diaphora/blob/master/jkutils/graph_hashes.

Titel: Detecting Malicious Executable Files Based on Static–Dynamic Analysis Using Machine Learning
verfasst von: R. A. Ognev
E. V. Zhukovskii
D. P. Zegzhda
A. N. Kiselev
Publikationsdatum: 01.12.2022
Verlag: Pleiades Publishing
Erschienen in: Automatic Control and Computer Sciences / Ausgabe 8/2022
Print ISSN: 0146-4116
Elektronische ISSN: 1558-108X
DOI: https://doi.org/10.3103/S0146411622080120

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Internationaler Motorenkongress/© [M] ATZlive | Chisnikov / Fotolia.com, Search Icon, Banner Hanser, Customer Experience/© © oatawa / Getty Images / iStock, Erdgasmotor 1.5 TGI evo von Volkswagen/© Volkswagen AG, Thorsten Mücke/© Alexandra Bachran, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, 2023_Antrieb/© supervisuell, ATZ-Webinar: Prototypenfreie Entwicklung durch Offline- und Driver-in-the-Loop-HiL-Tests /© (c) VI-grade, chassis.tech plus 2023/© [M] ATZlive / TÜV SÜD PRODUCT SERVICE GMBH

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Weitere Artikel der Ausgabe 8/2022

Noise-Resistant Coding and Highly Undetectable Stegosystems – Is the Alliance Successful?

Adversarial Machine Learning Protection Using the Example of Evasion Attacks on Medical Images

Noise-Immune Marking of Digital Audio Signals in Audio Stegosystems with Multiple Inputs and Multiple Outputs

Performance Evaluation of Antivirus Systems for Computer Networks

Adaptive Control System for Detecting Computer Attacks on Objects of Critical Information Infrastructure

Immunization of Complex Networks: Topology and Methods

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.