Machine Learning Analysis of Memory Images for Process Characterization and Malware Detection

Cited by: 0
Authors
Lyles, Seth [1 ]
Desantis, Mark [1 ]
Donaldson, John [1 ]
Gallegos, Micaela [1 ]
Nyholm, Hannah [1 ]
Taylor, Claire [1 ]
Monteith, Kristine [1 ]
Affiliations
[1] Lawrence Livermore Natl Lab, Livermore, CA USA
DOI
10.1109/DSN-W54100.2022.00035
CLC classification number
TP3 [Computing technology, computer technology];
Subject classification number
0812 ;
Abstract
As signature-based malware detection techniques mature, malware authors have been forced to leave fewer footprints on target machines. Malicious activity can be conducted by chaining together benign, built-in functions in subversive ways. Because the functions are native to the host system, attackers can slip under the radar of signature filtering tools such as YARA. To address this challenge, we utilize the Volatility memory forensics framework to measure and characterize typical in-memory behavior, then observe the deviations from normal use that may indicate a compromise. We demonstrate that processes have characteristic memory footprints, and that machine learning models can flag malicious behavior as anomalous.
Pages: 162 / 169
Page count: 8