首页> 外文会议>Computer science and its applications >A Real-Time PE-Malware Detection System Based on CHI-Square Test and PE-File Features

【24h】

A Real-Time PE-Malware Detection System Based on CHI-Square Test and PE-File Features

机译：基于CHI方检验和PE文件特征的实时PE恶意软件检测系统

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
引文网络
相似文献
相关主题

摘要

Constructing an efficient malware detection system requires taking into consideration two important aspects, which are the accuracy and the detection time. However, finding an appropriate balance between these two characteristics remains at this time a very challenging problem. In this paper, we present a real-time PE (Portable Executable) malware detection system, which is based on the analysis of the information stored in the PE-Optional Header fields (PEF). Our system used a combination of the Chi-square (KHI~2) score and the Phi (φ) coefficient as feature selection method. We have evaluated our system using Rotation Forest classifier implemented in WEKA and we reached more than 97% of accuracy. Our system is able to categorize a file in 0.077 seconds, which makes it adequate for real-time detection of malware.

机译：构建有效的恶意软件检测系统需要考虑两个重要方面，即准确性和检测时间。然而，此时在这两个特征之间找到适当的平衡仍然是一个非常具有挑战性的问题。在本文中，我们提出了一种实时PE（便携式可执行文件）恶意软件检测系统，该系统基于对PE-Optional Header字段（PEF）中存储的信息的分析。我们的系统使用卡方（KHI〜2）分数和Phi（φ）系数的组合作为特征选择方法。我们已经使用WEKA中实现的Rotation Forest分类器评估了我们的系统，并且达到了97％以上的准确性。我们的系统能够在0.077秒内将文件分类，这足以用于实时检测恶意软件。

著录项

来源
《Computer science and its applications》|2015年|416-425|共10页
会议地点 Saida(DZ)
作者
Mohamed Belaoued; Smaine Mazouzi;
展开▼
作者单位

Department of Computer Science Universite 20 aout 1955-Skikda, Algeria;

Department of Computer Science Universite 20 aout 1955-Skikda, Algeria;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类
关键词
Malware; Malware analysis; Chi-square test (KHI~2); PE-optional header;

机译：恶意软件；恶意软件分析；卡方检验（KHI〜2）; PE-可选接头;

相似文献

外文文献
中文文献
专利

1. An intelligent PE-malware detection system based on association mining [J] . Yanfang Ye, Dingding Wang, Tao Li, Journal in computer virology . 2008,第4期

机译：基于关联挖掘的智能PE恶意软件检测系统
2. AN ANOMALY DETECTION TECHNIQUE BASED ON A CHI-SQUARE STATISTIC FOR DETECTING INTRUSIONS INTO INFORMATION SYSTEMS [J] . NONG YE, QIANG CHEN Quality and Reliability Engineering International . 2001,第2期

机译：基于卡方统计量的异常检测技术，用于将入侵检测到信息系统中
3. A real-time system for vehicle detection with shadow removal and vehicle classification based on vehicle features at urban roads [J] . Issan Atouf, Wahban Yahya Al Okaishi, Abdelmoghit Zaaran, International Journal of Power Electronics and Drive Systems . 2020,第4期

机译：基于城市道路车辆特征的浊度和车辆分类的车辆检测实时系统
4. Comparison between support vector machine and fuzzy Kernel C-Means as classifiers for intrusion detection system using chi-square feature selection [C] . Z. Rustam, N. P. A. A. Ariantari International Symposium on Current Progress in Mathematics and Sciences . 2018

机译：支持向量机与模糊内核C型方式的比较作为使用Chi-Square特征选择入侵检测系统的分类器
5. Implementation and pilot testing of an android-based real-time activity detection system. [D] . Sun, Yifei. 2013

机译：基于android的实时活动检测系统的实现和试点测试。
6. A Robust INS/SRS/CNS Integrated Navigation System with the Chi-Square Test-Based Robust Kalman Filter [O] . Guangle Gao, Shesheng Gao, Genyuan Hong, 2020

机译：具有基于Chi-Square测试的强大卡尔曼滤波器的强大INS / SRS / CNS集成导航系统
7. A Real-Time PE-Malware Detection System Based on CHI-Square Test and PE-File Features [O] . Mohamed Belaoued, Smaine Mazouzi 2015

机译：基于Chi-Square测试和PE文件功能的实时PE-Malware检测系统

A Real-Time PE-Malware Detection System Based on CHI-Square Test and PE-File Features

摘要

著录项

引文网络

相似文献

相关主题

期刊订阅