{"title":"A Multidisciplinary Approach for Online Detection of X86 Malicious Executables","authors":"Zhiyu Wang, M. Nascimento, M. MacGregor","doi":"10.1109/CNSR.2010.16","DOIUrl":null,"url":null,"abstract":"The detection of malicious executables (malware) is a well-known problem. Anti-malware software is typically signature based, and only malicious attacks containing those known signatures can be detected. This is problematic because new malware is appearing extremely rapidly. This threatens to overwhelm signature-based approaches. In this paper, we propose a novel approach to detect malicious executables by using a combination of techniques from bioinformatics, data mining and information retrieval. This method is able to identify new malware related to threats already in its database. Using relatively small training sets, our technique is able to achieve over 90% accuracy of detection with a false positive rate smaller than 5%.","PeriodicalId":208564,"journal":{"name":"2010 8th Annual Communication Networks and Services Research Conference","volume":"123 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-05-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 8th Annual Communication Networks and Services Research Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CNSR.2010.16","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Multidisciplinary Approach for Online Detection of X86 Malicious Executables
The detection of malicious executables (malware) is a well-known problem. Anti-malware software is typically signature based, and only malicious attacks containing those known signatures can be detected. This is problematic because new malware is appearing extremely rapidly. This threatens to overwhelm signature-based approaches. In this paper, we propose a novel approach to detect malicious executables by using a combination of techniques from bioinformatics, data mining and information retrieval. This method is able to identify new malware related to threats already in its database. Using relatively small training sets, our technique is able to achieve over 90% accuracy of detection with a false positive rate smaller than 5%.