{"title":"Online Learning based Self-updating Incremental Malware Detection Model","authors":"Donghui Zhao, Liang Kou, Jilin Zhang","doi":"10.1109/DSA56465.2022.00145","DOIUrl":null,"url":null,"PeriodicalId":208148,"journal":{"name":"2022 9th International Conference on Dependable Systems and Their Applications (DSA)","volume":"134 6","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 9th International Conference on Dependable Systems and Their Applications (DSA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSA56465.2022.00145","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Online Learning based Self-updating Incremental Malware Detection Model
With the rapid evolution of machine learning technology, ML-based malware detection is widely accepted as a panacea for effective malware detection. However, even when faced with a great number of detection systems, malware can always break through. It is challenging for trained models to detect malware that has newly appeared. This phenomenon is widely known as concept drift. To address this challenge, we propose an online-learning-based malware detection system, which is based on the API sequences generated by processes while they are running and is also able to recognize concept drift. The sustainability of the detection system can be significantly improved with online learning algorithms. Lastly, in order to detect as much malware as possible, we use an incremental model structure.