BEHAVIOR-BASED MALICIOUS EXECUTABLES DETECTION BY MULTI-CLASS SVM

Cited by: 0
Authors
Zou, Meng-song [1]
Han, Lan-sheng [1]
Liu, Qi-wen [1]
Liu, Ming [1]
Affiliation
[1] Huazhong Univ Sci & Technol, Sch Comp Sci & Technol, Lab Informat Secur, Wuhan 430074, Peoples R China
Keywords
Behavior-based detection; Feature extraction; Malicious executable; Multi-class SVM;
DOI
10.1109/YCICT.2009.5382354
Chinese Library Classification number
TP39 [Computer applications];
Discipline classification code
081203 ; 0835 ;
Abstract
As more polymorphic malicious codes come into being, traditional anti-virus methods cannot satisfy the current need. In order to achieve some specific functions, malicious codes must have some behaviors which are different from those of normal programs. Focusing on the difference between normal programs and malicious codes, the paper applies Support Vector Machine (SVM) and creates a space of virus API feature vectors and a hyper-plane to divide the API space into two parts: malicious codes and normal programs. Moreover, behaviors of different kinds of malicious codes are collected and 1-v-1 Multi-class SVM is introduced to detect those behaviors. Furthermore, the paper constructs the application structure and selects a large number of test executable samples. Through statistics, analysis and calculation on those samples, the results verify our method.
Pages: 331 - 334
Page count: 4
Related papers
50 in total
  • [1] Intrusion detection system based on multi-class SVM
    Lee, H
    Song, J
    Park, D
    ROUGH SETS, FUZZY SETS, DATA MINING, AND GRANULAR COMPUTING, PT 2, PROCEEDINGS, 2005, 3642 : 511 - 519
  • [2] Detection of Android Malicious Obfuscation Applications Based on Multi-class Features
    Zhao, Meichen
    2018 EIGHTH INTERNATIONAL CONFERENCE ON INSTRUMENTATION AND MEASUREMENT, COMPUTER, COMMUNICATION AND CONTROL (IMCCC 2018), 2018, : 1795 - 1799
  • [3] Unknown Malicious Executables Detection Based on Run-time Behavior
    Hu, Yongtao
    Chen, Liang
    Xu, Ming
    Zheng, Ning
    Guo, Yanhua
    FIFTH INTERNATIONAL CONFERENCE ON FUZZY SYSTEMS AND KNOWLEDGE DISCOVERY, VOL 4, PROCEEDINGS, 2008, : 391 - 395
  • [4] Behavior-Based Detection for Malicious Script-Based Attack
    Yoon, Soojin
    Choo, Hyun-lock
    Bae, Hanchul
    Kim, Hwankuk
    ADVANCES IN COMPUTER SCIENCE AND UBIQUITOUS COMPUTING, 2017, 421 : 97 - 103
  • [5] Dendogram based SVM for multi-class classification
    Benabdeslem, Khalid
    Bennani, Younes
    ITI 2006: PROCEEDINGS OF THE 28TH INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY INTERFACES, 2006, : 173 - +
  • [6] Multi-class SVM based iris recognition
    Roy, Kaushik
    Bhattacharya, Prabir
    Debnath, Ramesh Chandra
    PROCEEDINGS OF 10TH INTERNATIONAL CONFERENCE ON COMPUTER AND INFORMATION TECHNOLOGY (ICCIT 2007), 2007, : 396 - +
  • [7] Multi-class SVM based on SOM decoding
    School of Electronic Engineering, Xidian Univ., Xi'an 710071, China
    Unknown
    Xi Tong Cheng Yu Dian Zi Ji Shu/Syst Eng Electron, 2006, 9 (1447-1450):
  • [8] Face Recognition based on multi-class SVM
    Zhao Lihong
    Song Ying
    Zhu Yushi
    Zhang Cheng
    Zheng Yi
    CCDC 2009: 21ST CHINESE CONTROL AND DECISION CONFERENCE, VOLS 1-6, PROCEEDINGS, 2009, : 5871 - 5873
  • [9] A new multi-class SVM algorithm based on one-class SVM
    Yang, Xiao-Yuan
    Liu, Jia
    Zhang, Min-Qing
    Niu, Ke
    COMPUTATIONAL SCIENCE - ICCS 2007, PT 3, PROCEEDINGS, 2007, 4489 : 677 - +
  • [10] Transformer Faults Detection using Inrush Transients based on Multi-class SVM
    Vatsa, Aniket
    Hati, Ananda Shankar
    2022 IEEE 6TH INTERNATIONAL CONFERENCE ON CONDITION ASSESSMENT TECHNIQUES IN ELECTRICAL SYSTEMS, CATCON, 2022, : 24 - 29