{"title":"使用混合系统检测恶意软件系统调用","authors":"Y. Guan, Naser Ezzati-Jivan","doi":"10.1109/SysCon48628.2021.9447094","DOIUrl":null,"url":null,"abstract":"Due to the rapid and continuous increase of network intrusion, the need to protect computer systems and underlying infrastructure becomes inevitable. Beside this, the systems have additionally gotten extremely intricate as they fill in both scale and usefulness;hence,intrusion/anomaly detection becomes essential. The intrusion or anomaly detection poses several challenges including data collections due to the inherent datasets imbalance, caused by systems’ reliability requirements causing the event of an anomaly a irregularity phenomenon. Therefore, only a small percentage of available datasets captures the anomaly, which brings in the second challenge, i.e, model selection, and a specific approach for detecting an anomaly. While much research has been concentrated on the data collection part and statistical techniques, the focus of this work is devoted to a multi-module system call anomalies detection technique. We propose a novel approach based on Long Short Term Memory(LSTM) and attention using transformers that can learn a sequence of a system call efficiently. Experimental results showed that the proposed deep learning model is 92.6% precise with a recall of 93.8% to classify the malicious process in the system.","PeriodicalId":384949,"journal":{"name":"2021 IEEE International Systems Conference (SysCon)","volume":"44 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Malware System Calls Detection Using Hybrid System\",\"authors\":\"Y. Guan, Naser Ezzati-Jivan\",\"doi\":\"10.1109/SysCon48628.2021.9447094\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Due to the rapid and continuous increase of network intrusion, the need to protect computer systems and underlying infrastructure becomes inevitable. Beside this, the systems have additionally gotten extremely intricate as they fill in both scale and usefulness;hence,intrusion/anomaly detection becomes essential. The intrusion or anomaly detection poses several challenges including data collections due to the inherent datasets imbalance, caused by systems’ reliability requirements causing the event of an anomaly a irregularity phenomenon. Therefore, only a small percentage of available datasets captures the anomaly, which brings in the second challenge, i.e, model selection, and a specific approach for detecting an anomaly. While much research has been concentrated on the data collection part and statistical techniques, the focus of this work is devoted to a multi-module system call anomalies detection technique. We propose a novel approach based on Long Short Term Memory(LSTM) and attention using transformers that can learn a sequence of a system call efficiently. Experimental results showed that the proposed deep learning model is 92.6% precise with a recall of 93.8% to classify the malicious process in the system.\",\"PeriodicalId\":384949,\"journal\":{\"name\":\"2021 IEEE International Systems Conference (SysCon)\",\"volume\":\"44 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-04-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 IEEE International Systems Conference (SysCon)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SysCon48628.2021.9447094\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE International Systems Conference (SysCon)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SysCon48628.2021.9447094","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Malware System Calls Detection Using Hybrid System
Due to the rapid and continuous increase of network intrusion, the need to protect computer systems and underlying infrastructure becomes inevitable. Beside this, the systems have additionally gotten extremely intricate as they fill in both scale and usefulness;hence,intrusion/anomaly detection becomes essential. The intrusion or anomaly detection poses several challenges including data collections due to the inherent datasets imbalance, caused by systems’ reliability requirements causing the event of an anomaly a irregularity phenomenon. Therefore, only a small percentage of available datasets captures the anomaly, which brings in the second challenge, i.e, model selection, and a specific approach for detecting an anomaly. While much research has been concentrated on the data collection part and statistical techniques, the focus of this work is devoted to a multi-module system call anomalies detection technique. We propose a novel approach based on Long Short Term Memory(LSTM) and attention using transformers that can learn a sequence of a system call efficiently. Experimental results showed that the proposed deep learning model is 92.6% precise with a recall of 93.8% to classify the malicious process in the system.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
