Metamorphic malicious code behavior detection using probabilistic inference methods
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Choi, Chang | - |
dc.contributor.author | Esposito, Christian | - |
dc.contributor.author | Lee, Mungyu | - |
dc.contributor.author | Choi, Junho | - |
dc.date.available | 2020-10-20T06:43:50Z | - |
dc.date.created | 2020-06-10 | - |
dc.date.issued | 2019-08 | - |
dc.identifier.issn | 1389-0417 | - |
dc.identifier.uri | https://scholarworks.bwise.kr/gachon/handle/2020.sw.gachon/78551 | - |
dc.description.abstract | Existing antivirus programs detect malicious code based on fixed signatures; therefore, they have limitations in detecting metamorphic malicious code that lacks signature information or possesses circumventing code inserted into it. Research on the methods for detecting this type of metamorphic malicious code primarily focuses on techniques that can detect code based on behavioral similarity to known malicious code. However, these techniques measure the degree of similarity with existing malicious code using API function call patterns. Therefore, they have certain disadvantages, such as low accuracy and large detection times. In this paper, we propose a method which can overcome the limitations of existing methods by using the FP-Growth algorithm, a data mining technique, and the Markov Logic Networks algorithm, a probabilistic inference method. To perform a comparative evaluation of the proposed method's malicious code behavior detection, we performed inference experiments using malicious code with an inserted code for random malicious behavior. We performed experiments to select optimal weights for each inference rule to improve our malicious code behavior inferences' accuracy. The results of experiments, in which we performed a comparative evaluation with the General Bayesian Network, showed that the proposed method had an 8% higher classification performance. (C) 2019 Elsevier B.V. All rights reserved. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | ELSEVIER SCIENCE BV | - |
dc.relation.isPartOf | COGNITIVE SYSTEMS RESEARCH | - |
dc.title | Metamorphic malicious code behavior detection using probabilistic inference methods | - |
dc.type | Article | - |
dc.type.rims | ART | - |
dc.description.journalClass | 1 | - |
dc.identifier.wosid | 000468975100019 | - |
dc.identifier.doi | 10.1016/j.cogsys.2019.03.007 | - |
dc.identifier.bibliographicCitation | COGNITIVE SYSTEMS RESEARCH, v.56, pp.142 - 150 | - |
dc.description.isOpenAccess | N | - |
dc.citation.endPage | 150 | - |
dc.citation.startPage | 142 | - |
dc.citation.title | COGNITIVE SYSTEMS RESEARCH | - |
dc.citation.volume | 56 | - |
dc.contributor.affiliatedAuthor | Choi, Chang | - |
dc.type.docType | Article | - |
dc.subject.keywordAuthor | Malicious code | - |
dc.subject.keywordAuthor | Probabilistic inference | - |
dc.subject.keywordAuthor | Markov logic networks | - |
dc.subject.keywordAuthor | Malicious behavior patterns | - |
dc.subject.keywordPlus | MALWARE DETECTION | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalResearchArea | Neurosciences & Neurology | - |
dc.relation.journalResearchArea | Psychology | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Artificial Intelligence | - |
dc.relation.journalWebOfScienceCategory | Neurosciences | - |
dc.relation.journalWebOfScienceCategory | Psychology, Experimental | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | ssci | - |
dc.description.journalRegisteredClass | scopus | - |