{"title":"基于图的模拟退火和支持向量机在恶意软件检测中的应用","authors":"A. Sirageldin, A. Selamat, R. Ibrahim","doi":"10.1109/MYSEC.2011.6140720","DOIUrl":null,"url":null,"abstract":"As ongoing war between the malware developer and defense mechanism planners there is a great challenge in providing an effective defense mechanism against evasion technique used by malware authors. The present paper provides a framework for malware detection based on the analysis of graphs introduced from instructions of the executable objects. The graph is constructed through the graph extractor, and then we used the simulated annealing algorithm to approximate the graph similarity measure. The threshold value plays a great role to relate the support vector machine to confirm the real class of the file, benign or malicious.","PeriodicalId":137714,"journal":{"name":"2011 Malaysian Conference in Software Engineering","volume":"43 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Graph-based simulated annealing and support vector machine in Malware detection\",\"authors\":\"A. Sirageldin, A. Selamat, R. Ibrahim\",\"doi\":\"10.1109/MYSEC.2011.6140720\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"As ongoing war between the malware developer and defense mechanism planners there is a great challenge in providing an effective defense mechanism against evasion technique used by malware authors. The present paper provides a framework for malware detection based on the analysis of graphs introduced from instructions of the executable objects. The graph is constructed through the graph extractor, and then we used the simulated annealing algorithm to approximate the graph similarity measure. 
The threshold value plays a great role to relate the support vector machine to confirm the real class of the file, benign or malicious.\",\"PeriodicalId\":137714,\"journal\":{\"name\":\"2011 Malaysian Conference in Software Engineering\",\"volume\":\"43 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 Malaysian Conference in Software Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/MYSEC.2011.6140720\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 Malaysian Conference in Software Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/MYSEC.2011.6140720","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Graph-based simulated annealing and support vector machine in Malware detection
With the ongoing war between malware developers and defense mechanism planners, there is a great challenge in providing an effective defense mechanism against the evasion techniques used by malware authors. The present paper provides a framework for malware detection based on the analysis of graphs introduced from the instructions of executable objects. The graph is constructed through the graph extractor, and then we used the simulated annealing algorithm to approximate the graph similarity measure. The threshold value plays a great role in relating the support vector machine to confirm the real class of the file, benign or malicious.