Extracting malicious behaviours
Authors
Abstract
In recent years, the damage cost caused by malwares is huge. Thus, malware detection is a big challenge. The task of specifying malware takes a huge amount of time and engineering effort since it currently requires the manual study of the malicious code. Thus, in order to avoid the tedious manual analysis of malicious codes, this task has to be automatised. To this aim, we propose in this work to represent malicious behaviours using extended API call graphs, where nodes correspond to API function calls, edges specify the execution order between the API functions, and edge labels indicate the dependence relation between the API functions' parameters. We define new static analysis techniques that allow us to extract such graphs from programs, and show how to automatically extract, from a set of malicious and benign programs, an extended API call graph that represents the malicious behaviours. Finally, we show how this graph can be used for malware detection. We implemented our techniques and obtained encouraging results: a 95.66% detection rate with 0% false alarms.
Similar resources
Learning Robot Behaviours by Extracting Fuzzy Rules from Demonstrated Actions
In this paper we describe a supervised robot learning method which enables a mobile robot to acquire the ability to follow walls and negotiate confined spaces by having these behaviours demonstrated with example actions. We achieve this by demonstrating the desired motion with a remote control while accumulating training data from the robot’s sensors and teacher’s instructions. To speed up lear...
Predicting Insider's Malicious Security Behaviours: A General Strain Theory-Based Conceptual Model
Insider’s malicious information security behaviours have always been a persistent problem and requiring urgent mitigation solutions. More recently, seminal calls for future research suggested exploring the influences of employee-workplace interaction and pre-kinetic events such as organisational injustice since they are argued to hold potential impacts on the insider’s intention to perform abus...
Malicious Code *
Malicious code is as big of a problem today as it ever was, if not larger still. Software is becoming increasingly more complex, and many software systems themselves do not operate in isolation but rather are connected and in fact sometimes dependent on other systems. An attack on a software system therefore is a potential attack on any other system that it may interact with, which further magn...
Malicious Keccak
In this paper, we investigate Keccak — the cryptographic hash function adopted as the SHA-3 standard. We propose a malicious variant of the function, where new round constants are introduced. We show that for such the variant, collision and preimage attacks are possible. We also identify a class of weak keys for the malicious Keccak working in the MAC mode. Ideas presented in the paper were ver...
Malicious Software
Malicious software is one of the concerns of the contemporary computing environment. Malcontents, pranksters, vandals, and adversaries all have the potential ability to disrupt the conduct of our computing business. Prudence dictates that we analyze the situation and take appropriate countermeasures. As with other concerns, the first responsive step is to perform a risk analysis. In the risk an...
Journal
Journal title: International Journal of Information and Computer Security
Year: 2022
ISSN: 1744-1765, 1744-1773
DOI: https://doi.org/10.1504/ijics.2022.122380