FriSM: Malicious Exploit Kit Detection via Feature-Based String-Similarity Matching

Cited by: 3
Authors
Kim, Sungjin [1]
Kang, Brent ByungHoon [1]
Affiliations
[1] Korea Inst Sci Technol KAIST, Sch Comp, Grad Sch Informat Secur, Daejeon, South Korea
Keywords
Exploit kits; Pattern matching; Similarity matching;
DOI
10.1007/978-3-030-01701-9_23
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
Since an exploit kit (EK) was first developed, an increasing number of attempts has been made to infect users' PCs by transmitting malware via EKs. To tackle such malware distribution, we propose herein an enhanced similarity-matching technique that determines whether the test sets are similar to the pattern sets in which the structural properties of EKs are defined. A key characteristic of our similarity-matching technique is that, unlike typical pattern-matching, it can detect isomorphic variants derived from EKs. In an experiment involving 36,950 datasets, our similarity-matching technique provides a TP rate of 99.9% and an FP rate of 0.001% with a performance of 0.003 s/page.
Pages: 416-432
Number of pages: 17