A malware detection method based on family behavior graph

Yuxin Ding; Xiaoling Xia; Sheng Chen; Ye Li

首页> 外文期刊>Computers & Security >A malware detection method based on family behavior graph

【24h】

A malware detection method based on family behavior graph

机译：基于家庭行为图的恶意软件检测方法

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

Abstract

Graph-based malware detection methods must build a behavior graph for each known malware, and they are difficult to apply in practice. To solve this issue, we study how to build a common behavior graph for each malware family. We represent malware behaviors as dependency graphs. To find the dependency relations between system calls, we use a dynamic taint analysis technique to mark the system call parameters with taint tags, and we then build the system call dependency graph by tracing the propagation of the taint data. Based on the dependency graphs of malware samples, we propose an algorithm to extract the common behavior graph, which is used to represent the behavioral features of a malware family. Finally, a graph matching algorithm that is based on the maximum weight subgraph is used to detect malicious code. The experimental results show that the proposed method has a high detection rate and a low false positive rate and can detect malware variants.

机译：

摘要

为了解决此问题，我们研究了如何为每个恶意软件家族构建通用行为图。我们将恶意软件行为表示为依赖关系图。为了找到系统调用之间的依赖关系，我们使用了动态的污染分析技术，以带有taint标签的方式标记系统调用参数，然后通过跟踪污染数据的传播来构建系统调用依赖图。基于恶意软件样本的依赖图，我们提出了一种提取常见行为图的算法，该算法用于表示恶意软件家族的行为特征。最后，基于最大权重子图的图匹配算法用于检测恶意代码。实验结果表明，该方法具有较高的检测率和较低的误报率，可以检测出恶意软件变种。

著录项

来源
《Computers & Security》 |2018年第3期|73-86|共14页
作者
Yuxin Ding; Xiaoling Xia; Sheng Chen; Ye Li;
展开▼
作者单位

Harbin Institute of Technology Shenzhen Graduate School, Shenzhen University Town;

Harbin Institute of Technology Shenzhen Graduate School, Shenzhen University Town;

Harbin Institute of Technology Shenzhen Graduate School, Shenzhen University Town;

Harbin Institute of Technology Shenzhen Graduate School, Shenzhen University Town;

展开▼
收录信息美国《科学引文索引》(SCI);美国《工程索引》(EI);
原文格式 PDF
正文语种 eng
中图分类
关键词
Dependency graph; Dynamic taint analysis; Malware; Security; System call;

机译：依赖图;动态污染分析;恶意软件;安全性;系统调用;

相似文献

外文文献
中文文献
专利

1. Malware Detection Based on Deep Learning of Behavior Graphs [J] . Xiao Fei, Lin Zhaowen, Sun Yi, Mathematical Problems in Engineering . 2019,第PTa4期

机译：基于行为图深度学习的恶意软件检测
2. Malware Detection Based on Deep Learning of Behavior Graphs [J] . Xiao Fei, Lin Zhaowen, Sun Yi, Mathematical Problems in Engineering . 2019,第PTa4期

机译：基于行为图的深度学习的恶意软件检测
3. Malware Detection Based on Deep Learning of Behavior Graphs [J] . Fei Xiao, Zhaowen Lin, Yi Sun, Mathematical Problems in Engineering: Theory, Methods and Applications . 2019,第1期

机译：基于行为图的深度学习的恶意软件检测
4. An Approach for Detection and Family Classification of Malware Based on Behavioral Analysis [C] . Steven Strandlund Hansen, Thor Mark Tampus Larsen, Matija Stevanovic, International Conference on Computing, Networking and Communications . 2016

机译：基于行为分析的恶意软件检测和家庭分类方法
5. Malware Detection on Virtual Environment Based on Behavioral Anomalies [D] . Jayaswal, Abhilasha. 2020

机译：基于行为异常的虚拟环境恶意软件检测
6. Detecting and classifying method based on similarity matching of Android malware behavior with profile [O] . Jae-wook Jang, Jaesung Yun, Aziz Mohaisen, -1

机译：基于Android恶意软件行为与配置文件相似度匹配的检测分类方法
7. An Efficient Android Malware Detection System Based on Method-Level Behavioral Semantic Analysis [O] . Hanqing Zhang, Senlin Luo, Yifei Zhang, 2019

机译：基于方法级行为语义分析的高效Android恶意软件检测系统
8. Fall 2014 SEI Research Review: Behavior Based Analysis and Detection of Mobile Malware. [R] . Yankel, J., Morales, J. A., Yasar, H., 2014

机译：2014年秋季sEI研究回顾：基于行为的移动恶意软件分析和检测。

A malware detection method based on family behavior graph

摘要

著录项

相似文献

相关主题

期刊订阅