{"title":"A Multidisciplinary Approach for Online Detection of X86 Malicious Executables","authors":"Zhiyu Wang, M. Nascimento, M. MacGregor","doi":"10.1109/CNSR.2010.16","DOIUrl":null,"url":null,"abstract":"The detection of malicious executables (malware) is a well known problem. Anti-malware software are typically signature based, and only malicious attacks containing those known signatures can be detected. This is problematic because new malware is appearing extremely rapidly. This threatens to overwhelm signature-based approaches. In this paper, we propose a novel approach to detect malicious executables by using a combination of techniques from bioinformatics, data mining and information retrieval. This method is able to identify new malware related to threats already in its database. Using relatively small training sets our technique is able to achieve over 90% accuracy of detection with a false positive rate smaller than 5%.","PeriodicalId":208564,"journal":{"name":"2010 8th Annual Communication Networks and Services Research Conference","volume":"123 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-05-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 8th Annual Communication Networks and Services Research Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CNSR.2010.16","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 0
Abstract
The detection of malicious executables (malware) is a well-known problem. Anti-malware software is typically signature-based, so only malicious attacks containing known signatures can be detected. This is problematic because new malware is appearing extremely rapidly, which threatens to overwhelm signature-based approaches. In this paper, we propose a novel approach to detecting malicious executables that combines techniques from bioinformatics, data mining and information retrieval. The method is able to identify new malware related to threats already in its database. Using relatively small training sets, our technique achieves over 90% detection accuracy with a false positive rate below 5%.