Detection of Malicious Executable Files Based on Clustering of Activities

被引：1

作者：

Ognev, R. A. ^{[1
]}

Zhukovskii, E., V ^{[1
]}

Zegzhda, D. P. ^{[1
]}

机构：

[1] Peter Great St Petersburg Polytech Univ, St Petersburg 195251, Russia

来源：

AUTOMATIC CONTROL AND COMPUTER SCIENCES | 2021年 / 55卷 / 08期

关键词：

classification; clustering; malware; malicious behavior; machine learning; behavioral analysis; dynamic analysis; computer security;

D O I：

10.3103/S0146411621080228

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

The application of classification algorithms for malware detection is studied. The classes of activities obtained as a result of clustering are based on analysis of call sequences of WinAPI functions. Application of the following classification algorithms is considered: gradient boosting, adaptive boosting, linear regression, and random forest. To evaluate the operation efficiency of the generated classifiers, the following metrics were employed: accuracy, F1 measure, area under ROC curve, and training time.

引用

页码：1092 / 1098

页数：7

共 12 条

[1]

[Anonymous], 2020, AV TEST SECURITY REP

[2]

Hansen S.S., 2015, THESIS AALBORG U AAL

[3]

Kalinin M., 2021, STUDIES ENTREPRENEUR, P151, DOI [10.1007/978-3-030-59959-1_10, DOI 10.1007/978-3-030-59959-1_10]

[4]

Kalinin M., 2020, AI BASED SECURITY SM

[5]

Kubrin G.S., 2020, METODY TEKH SREDSTVA, P28

[6]

Nair V., 2010, SIN '10, P263, DOI [10.1145/1854099.1854152, DOI 10.1145/1854099.1854152]

[7] Clustering of Malicious Executable Files Based on the Sequence Analysis of System Calls [J].

Ognev, R. A. ;

Zhukovskii, E. V. ;

Zegzhda, D. P. .

AUTOMATIC CONTROL AND COMPUTER SCIENCES, 2019, 53 (08) :1045-1055

[8] Application of Synthetic Data Generation Methods to the Detection of Network Attacks on Internet of Things Devices [J].

Ovasapyan, T. D. ;

Danilov, V. D. ;

Moskvin, D. A. .

AUTOMATIC CONTROL AND COMPUTER SCIENCES, 2021, 55 (08) :991-998

[9] Application of Taint Analysis to Study the Safety of Software of the Internet of Things Devices Based on the ARM Architecture [J].

Ovasapyan, T. D. ;

Knyazev, P., V ;

Moskvin, D. A. .

AUTOMATIC CONTROL AND COMPUTER SCIENCES, 2020, 54 (08) :834-840

[10] Joint Beamforming and Location Optimization for Cooperative Content-Aware UAVs [J].

Phuc Dinh ;

Tri Minh Nguyen ;

Assi, Chadi ;

Ajib, Wessam .

2019 IEEE WIRELESS COMMUNICATIONS AND NETWORKING CONFERENCE (WCNC), 2019,

← 1 2 →