{"title":"入侵检测系统中的实时恶意软件检测框架","authors":"Sunwoo Kim, Taeguen Kim, E. Im","doi":"10.1145/2513228.2513297","DOIUrl":null,"url":null,"abstract":"We suggest an efficient framework to detect malware in Intrusion Detection System (IDS). The framework generates signatures from malware families and generates corresponding detection rules. The generated signatures are not influenced by small changes of malware while they can be used to detect malware that has similar behaviors with normal programs. Our signatures are stored as an Aho-Corasick Tree form to improve signature matching performance in IDS.","PeriodicalId":120340,"journal":{"name":"Research in Adaptive and Convergent Systems","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Real-time malware detection framework in intrusion detection systems\",\"authors\":\"Sunwoo Kim, Taeguen Kim, E. Im\",\"doi\":\"10.1145/2513228.2513297\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We suggest an efficient framework to detect malware in Intrusion Detection System (IDS). The framework generates signatures from malware families and generates corresponding detection rules. The generated signatures are not influenced by small changes of malware while they can be used to detect malware that has similar behaviors with normal programs. Our signatures are stored as an Aho-Corasick Tree form to improve signature matching performance in IDS.\",\"PeriodicalId\":120340,\"journal\":{\"name\":\"Research in Adaptive and Convergent Systems\",\"volume\":\"4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Research in Adaptive and Convergent Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2513228.2513297\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Research in Adaptive and Convergent Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2513228.2513297","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Real-time malware detection framework in intrusion detection systems
We suggest an efficient framework to detect malware in Intrusion Detection System (IDS). The framework generates signatures from malware families and generates corresponding detection rules. The generated signatures are not influenced by small changes of malware while they can be used to detect malware that has similar behaviors with normal programs. Our signatures are stored as an Aho-Corasick Tree form to improve signature matching performance in IDS.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
