Отрывок: Information Technology and Nanotechnology – 2017 Information Security 884 At the second learning stage for the given learning set it is necessary to evaluate mistake probability values of the first and second grade depending on the threshold value, and choose threshold value in accordance with the requirements to the first and second grade mistake criticality for further effective functioning of the neural network as a malware detection tool. As a result of th...
Название : | Novel approach to constructing static heuristic malware detection mechanism |
Авторы/Редакторы : | Kozachok, A.V. Bochkov, M.V. Kochetkov, E.V. |
Ключевые слова : | anti-virus protection malware neural networks decision trees heuristic analysis machine learning detection |
Дата публикации : | 2017 |
Издательство : | Новая техника |
Библиографическое описание : | Kozachok A.V. Novel approach to constructing static heuristic malware detection mechanism / A.V. Kozachok, M.V. Bochkov, E.V. Kochetkov // Сборник трудов III международной конференции и молодежной школы «Информационные технологии и нанотехнологии» (ИТНТ-2017) - Самара: Новая техника, 2017. - С. 882-887. |
Аннотация : | To ensure the protection of information processed by computer systems is currently the most important task in the construction and operation of the automated systems. The paper presents the application justification of a new set of features distinguished at the stage of the static analysis of the executable files to address the problem of malicious code detection. In the course of study, following problems were solved: development of the executable files classifier in the absence of a priori data concerning their functionality; designing class models of uninfected files and malware during the learning process; development of malicious code detection procedure using the neural networks mathematical apparatus and decision tree composition relating to the set of features specified on the basis of the executable files static analysis. The paper also describes the functional model of malware detection system using the executable files static analysis. The conclusion contains the results of experimental evaluation of the developed detection mechanism efficiency on the basis of neural networks and decision tree composition. The obtained data confirmed the hypothesis about the possibility of constructing the heuristic malware analyzer on the basis of features distinguished during the static analysis of the executable files. However, the approach based on the decision tree composition enables to obtain a significantly lower false negative rate probability with the specified initial data and classifier parameter values relating to neural networks. |
URI (Унифицированный идентификатор ресурса) : | http://repo.ssau.ru/handle/Informacionnye-tehnologii-i-nanotehnologii/Novel-approach-to-constructing-static-heuristic-malware-detection-mechanism-63811 |
Другие идентификаторы : | Dspace\SGAU\20170516\63811 |
Располагается в коллекциях: | Информационные технологии и нанотехнологии |
Файлы этого ресурса:
Файл | Описание | Размер | Формат | |
---|---|---|---|---|
paper 157_882-887.pdf | Основная статья | 618.65 kB | Adobe PDF | Просмотреть/Открыть |
Показать полное описание ресурса
Просмотр статистики
Поделиться:
Все ресурсы в архиве электронных ресурсов защищены авторским правом, все права сохранены.