Distributed malware detection based on binary file features in cloud computing environment

Xiaoguang Han, Jigang Sun, Wu Qu, Xuanxia Yao
DOI: 10.1109/CCDC.2014.6852896
Published in: The 26th Chinese Control and Decision Conference (2014 CCDC), 2014-07-14
Citations: 9

Abstract

A number of techniques have been devised by researchers to counter malware attacks, and machine learning techniques play an important role in automated malware detection. Several machine learning approaches have been applied to malware detection, based on different features derived from dynamic analysis of the malware. While these methods show promise, they pose at least two major challenges. First, these approaches are subject to a growing array of countermeasures that increase the cost of capturing the features of malware binary executables. Second, feature extraction requires a time investment per binary that does not scale to the daily volume of malware instances reported by those who diligently collect malware. To address the first challenge, this article adopts a binary-to-image projection algorithm, a new type of feature extraction for malware that was introduced in [2]. To address the second challenge, the technique's scalability is demonstrated through an implementation on the distributed (key, value) abstraction of a cloud computing environment. Both theoretical and empirical evidence demonstrate its effectiveness over other state-of-the-art malware detection techniques on a malware corpus, and the proposed method could be a useful and efficient complement to dynamic analysis.
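The following Python sketch is an added illustration, not code from the paper, of the two ideas the abstract names: projecting a binary's raw bytes into a fixed-width grayscale image from which a compact feature vector is derived, and running that extraction plus classification as a (key, value) map/reduce job that can be sharded across workers by sample hash. The image width, the grid of tile means used as the feature, 1-NN matching, hash-based sharding and the constructed input files are all assumptions of this example; the page does not give the paper's exact projection, descriptor or classifier.

```python
"""Added example (not the paper's code): binary-to-image projection, a grid
feature over the image, and a (key, value) map/reduce over a sample set.
Width, grid size, feature, 1-NN matching and inputs are assumptions."""
from collections import defaultdict
import hashlib
import math
import random


def bytes_to_image(data: bytes, width: int = 64) -> list[list[int]]:
    """Project raw bytes onto rows of `width` grayscale pixels (0-255).
    The last row is zero-padded so every row has the same width."""
    rows = []
    for off in range(0, len(data), width):
        row = list(data[off:off + width])
        rows.append(row + [0] * (width - len(row)))
    return rows


def image_signature(data: bytes, width: int = 64, grid: int = 8) -> list[float]:
    """Reduce the image to a grid x grid vector of tile mean intensities.
    Tiles scale with image height, so binaries of different sizes yield
    vectors of the same length (assumed feature, not the paper's descriptor)."""
    image = bytes_to_image(data, width)
    sums = [0.0] * (grid * grid)
    counts = [0] * (grid * grid)
    height = len(image)
    for r, row in enumerate(image):
        tile_row = r * grid // height
        for c, px in enumerate(row):
            idx = tile_row * grid + c * grid // width
            sums[idx] += px
            counts[idx] += 1
    return [s / n if n else 0.0 for s, n in zip(sums, counts)]


def nearest_label(sig, references):
    """1-NN by Euclidean distance over (label, signature) reference pairs."""
    best_label, best_dist = None, math.inf
    for label, ref in references:
        d = math.sqrt(sum((a - b) ** 2 for a, b in zip(sig, ref)))
        if d < best_dist:
            best_label, best_dist = label, d
    return best_label


def sample_key(data: bytes) -> str:
    """Map key: SHA-256 of the file, the way a corpus usually indexes samples."""
    return hashlib.sha256(data).hexdigest()


def shard_of(key: str, n_shards: int) -> int:
    """Stable partition by key hash, so each worker owns a slice of the corpus."""
    return int(key[:8], 16) % n_shards


def map_phase(samples):
    """Map: raw bytes -> (key, signature). Records are independent, which is
    what lets extraction run in parallel across workers."""
    return [(sample_key(data), image_signature(data)) for data in samples]


def reduce_phase(mapped, references, n_shards: int = 4):
    """Shuffle by key hash, classify inside each shard, reduce to label -> [keys]."""
    shards = defaultdict(list)
    for key, sig in mapped:
        shards[shard_of(key, n_shards)].append((key, sig))
    verdicts = defaultdict(list)
    for shard in shards.values():
        for key, sig in shard:
            verdicts[nearest_label(sig, references)].append(key)
    return dict(verdicts)


def constructed_sample(seed: int, pad_ratio: float, length: int = 4096) -> bytes:
    """Constructed input, not a real executable: a 2-byte marker, pseudo-random
    'code' bytes, then a zero tail taking pad_ratio of the file. The two
    families below differ only in that layout, which the image feature sees."""
    rng = random.Random(seed)
    code_len = int(length * (1 - pad_ratio)) - 2
    body = bytes(rng.randrange(256) for _ in range(code_len))
    return b"MZ" + body + b"\x00" * (length - 2 - code_len)


# Labelled references (constructed): family A is half padding, B almost none.
REFERENCES = [("family_A", image_signature(constructed_sample(1, 0.5))),
              ("family_B", image_signature(constructed_sample(2, 0.1)))]


def demo():
    """Run map/reduce over unseen variants of both families; return verdicts."""
    unseen = [constructed_sample(11, 0.5),
              constructed_sample(12, 0.1),
              constructed_sample(13, 0.5)]
    return reduce_phase(map_phase(unseen), REFERENCES)


if __name__ == "__main__":
    for label, keys in demo().items():
        print(label, [k[:12] for k in keys])
```

Because the signature is computed purely from byte layout, the `pad_ratio` knob in the constructed samples is what drives the verdict; a repacked or padded copy of the same file would move in feature space, which is the kind of countermeasure the abstract's first challenge refers to.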