Machine Learning Analysis of Memory Images for Process Characterization and Malware Detection

Authors
Lyles, Seth [1]
Desantis, Mark [1]
Donaldson, John [1]
Gallegos, Micaela [1]
Nyholm, Hannah [1]
Taylor, Claire [1]
Monteith, Kristine [1]
Affiliations
[1] Lawrence Livermore Natl Lab, Livermore, CA USA
DOI
10.1109/DSN-W54100.2022.00035
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812;
Abstract
As signature-based malware detection techniques mature, malware authors have been forced to leave fewer footprints on target machines. Malicious activity can be conducted by chaining together benign, built-in functions in subversive ways. Because the functions are native to the host system, attackers can slip under the radar of signature filtering tools such as YARA. To address this challenge, we utilize the Volatility memory forensics framework to measure and characterize typical in-memory behavior, then observe the deviations from normal use that may indicate a compromise. We demonstrate that processes have characteristic memory footprints, and that machine learning models can flag malicious behavior as anomalous.
Pages: 162-169
Number of pages: 8