Leonardo Igor Moraga, Juan Pablo Rivelli Malcó, David Zabala-Blanco, Roberto Ahumada-García, César A. Azurdia-Meza, A. D. Firoozabadi
{"title":"基于ELM的工程记忆函数模糊恶意软件检测","authors":"Leonardo Igor Moraga, Juan Pablo Rivelli Malcó, David Zabala-Blanco, Roberto Ahumada-García, César A. Azurdia-Meza, A. D. Firoozabadi","doi":"10.1109/ColCACI59285.2023.10226058","DOIUrl":null,"url":null,"abstract":"Memory analysis is critical to detecting malicious processes, as it can capture various characteristics and behaviors. However, although it is a field in full research, there are still some major obstacles in malware detection, such as optimizing the detection rate and countering advanced malware obfuscation. Since advanced malware uses obfuscation and other techniques to hide from detection methods, there is a great need for an efficient framework that focuses on combating obfuscation and detecting hidden malware. This work proposes an extreme learning machine (ELM) trained with a database of viruses, classified into families of Trojans, spyware, and ransomware. The performance of different ELMs will be implemented and analyzed, among them, the standard ELM, regularized ELM, unbalanced ELM I and II. Its performance will be studied both in binary classification and in multiple classifications, in order to train an antivirus capable of combating the aforementioned difficulties. Prior to obtaining the results, the operating principle of these autonomous learning methods and the methodology to be followed are explained. Finally, the results obtained for each learning method are compared.","PeriodicalId":206196,"journal":{"name":"2023 IEEE Colombian Conference on Applications of Computational Intelligence (ColCACI)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Detection of Obfuscated Malware by Engineering Memory Functions Applying ELM\",\"authors\":\"Leonardo Igor Moraga, Juan Pablo Rivelli Malcó, David Zabala-Blanco, Roberto Ahumada-García, César A. Azurdia-Meza, A. D. Firoozabadi\",\"doi\":\"10.1109/ColCACI59285.2023.10226058\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Memory analysis is critical to detecting malicious processes, as it can capture various characteristics and behaviors. However, although it is a field in full research, there are still some major obstacles in malware detection, such as optimizing the detection rate and countering advanced malware obfuscation. Since advanced malware uses obfuscation and other techniques to hide from detection methods, there is a great need for an efficient framework that focuses on combating obfuscation and detecting hidden malware. This work proposes an extreme learning machine (ELM) trained with a database of viruses, classified into families of Trojans, spyware, and ransomware. The performance of different ELMs will be implemented and analyzed, among them, the standard ELM, regularized ELM, unbalanced ELM I and II. Its performance will be studied both in binary classification and in multiple classifications, in order to train an antivirus capable of combating the aforementioned difficulties. Prior to obtaining the results, the operating principle of these autonomous learning methods and the methodology to be followed are explained. Finally, the results obtained for each learning method are compared.\",\"PeriodicalId\":206196,\"journal\":{\"name\":\"2023 IEEE Colombian Conference on Applications of Computational Intelligence (ColCACI)\",\"volume\":\"19 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-07-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2023 IEEE Colombian Conference on Applications of Computational Intelligence (ColCACI)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ColCACI59285.2023.10226058\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 IEEE Colombian Conference on Applications of Computational Intelligence (ColCACI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ColCACI59285.2023.10226058","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Detection of Obfuscated Malware by Engineering Memory Functions Applying ELM
Memory analysis is critical to detecting malicious processes, as it can capture various characteristics and behaviors. However, although it is a field in full research, there are still some major obstacles in malware detection, such as optimizing the detection rate and countering advanced malware obfuscation. Since advanced malware uses obfuscation and other techniques to hide from detection methods, there is a great need for an efficient framework that focuses on combating obfuscation and detecting hidden malware. This work proposes an extreme learning machine (ELM) trained with a database of viruses, classified into families of Trojans, spyware, and ransomware. The performance of different ELMs will be implemented and analyzed, among them, the standard ELM, regularized ELM, unbalanced ELM I and II. Its performance will be studied both in binary classification and in multiple classifications, in order to train an antivirus capable of combating the aforementioned difficulties. Prior to obtaining the results, the operating principle of these autonomous learning methods and the methodology to be followed are explained. Finally, the results obtained for each learning method are compared.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
