Methodology for Behavioral-based Malware Analysis and Detection Using Random Projections and K-Nearest Neighbors Classifiers

机译：使用随机投影和K最近邻分类器进行基于行为的恶意软件分析和检测的方法

获取原文

页面导航

摘要
著录项
引文网络
相似文献
相关主题

摘要

In this paper, a two-stage methodology to analyze and detect behavioral-based malware is presented. In the first stage, a random projection is decreasing the variable dimensionality of the problem and is simultaneously reducing the computational time of the classification task by several orders of magnitude. In the second stage, a modified K-Nearest Neighbors classifier is used with Virus Total labeling of the file samples. This methodology is applied to a large number of file samples provided by F-Secure Corporation, for which a dynamic feature has been extracted during Deep Guard sandbox execution. As a result, the files classified as false negatives are used to detect possible malware that were not detected in the first place by Virus Total. The reduced number of selected false negatives allows the manual inspection by a human expert.

机译：本文提出了一种两阶段的方法来分析和检测基于行为的恶意软件。在第一阶段，随机投影会降低问题的可变维度，同时将分类任务的计算时间减少几个数量级。在第二阶段，将修改后的K最近邻分类器与文件样本的Virus Total标记一起使用。此方法适用于F-Secure Corporation提供的大量文件样本，在Deep Guard沙箱执行期间已为其提取了动态功能。结果，分类为假阴性的文件用于检测Virus Total首先未检测到的可能恶意软件。减少选择的假阴性的数量允许人类专家进行手动检查。

著录项

来源
《Computational Intelligence and Security (CIS), 2011 Seventh International Conference on》|2011年|p.1016-1023|共8页
会议地点 Sanya(CN)
作者
Hegedus, Jozsef; Miche, Yoan; Ilin, Alexander; Lendasse, Amaury;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
k nearest neighbors; machine learning; malware detection; random projections;

机译：k个最近的邻居；机器学习恶意软件检测；随机投影;

相似文献

外文文献
中文文献
专利

1. Fault Detection Using Random Projections and k-Nearest Neighbor Rule for Semiconductor Manufacturing Processes [J] . Zhou Z., Wen C., Yang C. Semiconductor Manufacturing, IEEE Transactions on . 2015,第1期

机译：使用随机投影和k最近邻规则进行半导体制造过程的故障检测
2. Performance analysis of K-nearest neighbor, support vector machine, and artificial neural network classifiers for driver drowsiness detection with different road geometries [J] . Zhenlong Li, Qingzhou Zhang, Xiaohua Zhao International Journal of Distributed Sensor Networks . 2017,第9期

机译：K近邻，支持向量机和人工神经网络分类器在不同道路几何形状下驾驶员困倦检测的性能分析
3. Multisensor Fused Fault Diagnosis for Rotation Machinery Based on Supervised Second-Order Tensor Locality Preserving Projection and Weighted k-Nearest Neighbor Classifier under Assembled Matrix Distance Metric [J] . Wei Fen, Wang Gang, Ren Bingyin, Shock and vibration . 2016,第PTa8期

机译：组合矩阵距离度量的带监督二阶张量局部性投影和加权k最近邻分类器的旋转机械多传感器融合故障诊断
4. Methodology for Behavioral-based Malware Analysis and Detection Using Random Projections and K-Nearest Neighbors Classifiers [C] . Hegedus Jozsef, Miche Yoan, Ilin Alexander, International Conference on Computational Intelligence and Security . 2011

机译：基于行为的恶意软件分析和检测方法的方法，使用随机投影和K到最近的邻居分类器
5. The Effect of K-Nearest Neighbors Classifier for Intrusion Detection of Streaming Net-Flows in Apache Spark Environment [D] . Thevar, Muthukumar 2017

机译：K近邻分类器对Apache Spark环境中流式网络流的入侵检测的影响
6. Comparison of Random Forest k-Nearest Neighbor and Support Vector Machine Classifiers for Land Cover Classification Using Sentinel-2 Imagery [O] . Phan Thanh Noi, Martin Kappas 2018

机译：使用Sentinel-2影像进行土地覆盖分类的随机森林k最近邻和支持向量机分类器的比较
7. Methodology for Behavioral-based Malware Analysis and Detection using Random Projections and K-Nearest Neighbors Classifiers [O] . Jozsef Hegedus, Yoan Miche, Er Ilin, 2013

机译：使用随机投影和K最近邻分类器进行基于行为的恶意软件分析和检测的方法

Methodology for Behavioral-based Malware Analysis and Detection Using Random Projections and K-Nearest Neighbors Classifiers

摘要

著录项

引文网络

相似文献

相关主题

期刊订阅