CrowdSource: Automated inference of high level malware functionality from low-level symbols using a crowd trained machine learning model

机译：CrowdSource：使用人群培训的机器学习模型自动推理高级恶意软件功能的高级恶意软件功能

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

In this paper we introduce CrowdSource, a statistical natural language processing system designed to make rapid inferences about malware functionality based on printable character strings extracted from malware binaries. CrowdSource “learns” a mapping between low-level language and high-level software functionality by leveraging millions of web technical documents from StackExchange, a popular network of technical question and answer sites, using this mapping to infer malware capabilities. This paper describes our approach and provides an evaluation of its accuracy and performance, demonstrating that it can detect at least 14 high-level malware capabilities in unpacked malware binaries with an average per-capability f-score of 0.86 and at a rate of tens of thousands of binaries per day on commodity hardware.

机译：在本文中，我们介绍了一个统计的自然语言处理系统，旨在基于从恶意软件二进制文件中提取的可打印字符串对恶意软件功能进行快速推断。 CrowdSource通过利用Stackexchange，使用此映射来利用数百万个Web技术文档来利用数百万Web技术文档来推断恶意软件功能来推断Malware功能，从Stackexchange，从Stackexchange，一个流行的技术问题和答案站点进行了高级语言和高级软件功能之间的映射。本文介绍了我们的方法，并提供了对其准确性和性能的评估，表明它可以在未包装的恶意软件二进制文件中检测到至少14个高级恶意软件功能，平均每能力F分数为0.86，以数十的速度商品硬件每天数以千计的二进制文件。

著录项

来源
《International Conference on Malicious and Unwanted Software》|2014年||共8页
会议地点
作者
Saxe Joshua; Turner Richard; Blokhin Kristina;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类计算机病毒与防治;
关键词
Internet; inference mechanisms; invasive software; learning (artificial intelligence); natural language processing; text analysis; CrowdSource; StackExchange; Web technical documents; automated inference; commodity hardware; crowd trained machine learning model; f-score; high level malware functionality inference; high-level software functionality; low-level language; low-level symbols; printable character string extraction; statistical natural language processing system; unpacked malware binaries; Accuracy; Bayes methods; Indexes; Malware; Probabilistic logic; Protocols; Software; Malicious applications; application security; computer security; network security; reverse engineering;

机译：互联网;推理机制;侵入性软件;学习（人工智能）;自然语言处理;文本分析;CrackSource;Crackexchange;网络技术文件;自动推断;商品硬件;人群训练机学习模型;F分数;高级恶意软件功能推断;高级软件功能;低级语言;低级符号;可打印字符串提取;统计自然语言处理系统;解压缩恶意软件二进制文件;准确性;贝叶斯方法;索引;索引;概率;软件;软件;软件;软件;软件;软件;软件;软件;软件;软件;恶意应用;应用安全;计算机安全;网络安全;逆向工程;

相似文献

外文文献
中文文献
专利

1. Automated multi-level malware detection system based on reconstructed semantic view of executables using machine learning techniques at VMM [J] . Ajay Kumara M.A., Jaidhar C.D. Future generation computer systems . 2018,第PTa1期

机译：在VMM上使用机器学习技术基于可执行文件的重构语义视图的自动化多级恶意软件检测系统
2. Automated detection of koalas using low-level aerial surveillance and machine learning [J] . Evangeline Corcoran, Simon Denman, Jon Hanger, Scientific reports. . 2019,第1期

机译：使用低空空中监视和机器学习自动检测考拉
3. A composite machine-learning-based framework for supporting low-level event logs to high-level business process model activities mappings enhanced by flexible BPMN model translation [J] . Soft computing: A fusion of foundations, methodologies and applications . 2020,第10期

机译：基于复合机器学习的框架，用于支持低级事件日志，以通过灵活的BPMN模型翻译增强的高级业务流程模型活动映射
4. CrowdSource: Automated inference of high level malware functionality from low-level symbols using a crowd trained machine learning model [C] . Saxe Joshua, Turner Richard, Blokhin Kristina International Conference on Malicious and Unwanted Software . 2014

机译：CrowdSource：使用经过人群训练的机器学习模型，从低级符号自动推断高级恶意软件功能
5. Automating malware detection in Windows memory images using machine learning [D] . Glendowne, Dae 2015

机译：使用机器学习自动检测Windows内存映像中的恶意软件
6. Precision Telemedicine through Crowdsourced Machine Learning: Testing Variability of Crowd Workers for Video-Based Autism Feature Recognition [O] . Peter Washington, Emilie Leblanc, Kaitlyn Dunlap, 2020

机译：精密远程医疗通过众群机学习：测试基于视频的自闭症功能识别人群工人的变化
7. CrowdSource: Automated Inference of High Level Malware Functionality from Low-Level Symbols Using a Crowd Trained Machine Learning Model [O] . Saxe, Joshua, Turner, Rafael, Blokhin, Kristina 2016

机译：Crowdsource：高级恶意软件功能的自动推理使用人群训练的机器学习模型从低级符号

CrowdSource: Automated inference of high level malware functionality from low-level symbols using a crowd trained machine learning model

摘要

著录项

相似文献

相关主题

期刊订阅