首页>
外国专利>
Generation of behavioral signatures using the clustering
Generation of behavioral signatures using the clustering
展开▼
机译:使用聚类生成行为签名
展开▼
页面导航
摘要
著录项
相似文献
摘要
Generating behavior signatures to detect malware. By using a computer, to collect the trace behavior of malware malware data set. Behavior trace describes the continuous behavior that was performed by the malware. Generating a malware behavior sequence by normalizing the behavior trace. Clustering together the malware behavior sequence similar. Malware behavior sequence in the cluster, I will describe the behavior of the malware family. To identify the behavior of sub-sequence common to malware family of clusters by analyzing the cluster. The behavior signature for malware family, is generated using the behavior subsequence. To match that of the existing cluster by normalizing if possible traces of new malware. The behavioral signature for that cluster, it is generated based on the sequence of the other behavior and sequence of new malware cluster.
展开▼