A Node-Embedding Features Based Machine Learning Technique for Dynamic Malware Detection

2022 IEEE Conference on Dependable and Secure Computing (DSC) Pub Date : 2022-06-22 DOI:10.1109/DSC54232.2022.9888836

Sudhir Kumar Rai, Ashish R. Mittal, Sparsh Mittal

引用次数: 1

Abstract

As the malware menace exacerbates, dynamic malware detection (DMD) has become even more critical. In this paper, we present a machine-learning-based DMD technique. We propose generating node embedding features (NEFs) from process execution chains. We use NEFs and other features based on the command line, file path, and action taken by a process and feed them to our machine learning (ML) classification algorithms. We evaluated two ML classifiers, viz., light gradient boosting machine (LGBM) and XGBoost. We perform experiments on a real-world dataset provided by a leading anti-virus company. Our technique achieves high accuracy, and the use of NEFs improves the predictive performance of ML classification algorithms. Also, NEFs are found to be highly important in both these algorithms.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

基于节点嵌入特征的机器学习动态恶意软件检测技术

随着恶意软件威胁的加剧，动态恶意软件检测(DMD)变得更加关键。在本文中，我们提出了一种基于机器学习的DMD技术。我们提出从过程执行链中生成节点嵌入特征(nef)。我们基于命令行、文件路径和进程所采取的动作使用nef和其他特征，并将它们提供给我们的机器学习(ML)分类算法。我们评估了两个ML分类器，即光梯度增强机(LGBM)和XGBoost。我们在一家领先的反病毒公司提供的真实数据集上进行实验。我们的技术达到了很高的准确率，并且nef的使用提高了ML分类算法的预测性能。此外，nef在这两种算法中都非常重要。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2022 IEEE Conference on Dependable and Secure Computing (DSC)

自引率

0.00%

发文量

期刊最新文献

Symbolon: Enabling Flexible Multi-device-based User Authentication A Survey on Explainable Anomaly Detection for Industrial Internet of Things Optimising user security recommendations for AI-powered smart-homes A Scary Peek into The Future: Advanced Persistent Threats in Emerging Computing Environments LAEG: Leak-based AEG using Dynamic Binary Analysis to Defeat ASLR