Learning Explainable Representations of Malware Behavior
Authors
Abstract
We address the problems of identifying malware in network telemetry logs and providing indicators of compromise: comprehensible explanations of behavioral patterns that identify the threat. In our system, an array of specialized detectors abstracts network-flow data into comprehensible events in a first step. We develop a neural network that processes this sequence of events and identifies specific threats, malware families, and broad categories of malware. We then use the integrated-gradients method to highlight events that jointly constitute the characteristic behavioral pattern of the threat. We compare network architectures based on CNNs, LSTMs, and transformers, and explore the efficacy of unsupervised pre-training experimentally on large-scale data. We demonstrate how the system detects njRAT and other malware based on behavioral patterns.
Similar resources
Learning and Classification of Malware Behavior
Malicious software in form of Internet worms, computer viruses, and Trojan horses poses a major threat to the security of networked systems. The diversity and amount of its variants severely undermine the effectiveness of classical signature-based detection. Yet variants of malware families share typical behavioral patterns reflecting its origin and purpose. We aim to exploit these shared patter...
Automatic analysis of malware behavior using machine learning
Malicious software—so called malware—poses a major threat to the security of computer systems. The amount and diversity of its variants render classic security defenses ineffective, such that millions of hosts in the Internet are infected with malware in form of computer viruses, Internet worms and Trojan horses. While obfuscation and polymorphism employed by malware largely impede detection at...
Behavior Classification based Self-learning Mobile Malware Detection
More and more mobile malware appears on the mobile internet and poses a great threat to mobile users. It is difficult for traditional signature-based anti-malware systems to detect polymorphic and metamorphic mobile malware. A mobile malware behavior analysis method based on behavior classification and self-learning data mining is proposed to detect the malicious network behavior of the unknown or ...
Structural Definition of Malware Behavior
The basic idea behind this event is the wish that every Austrian institution offering a security course or a security specialization gives its best students the opportunity to present their own work, thereby fostering networking among the next generation.
Learning recurrent representations for hierarchical behavior modeling
We propose a framework for detecting action patterns from motion sequences and modeling the sensory-motor relationship of animals, using a generative recurrent neural network. The network has a discriminative part (classifying actions) and a generative part (predicting motion), whose recurrent cells are laterally connected, allowing higher levels of the network to represent high level behaviora...
Journal
Journal title: Lecture Notes in Computer Science
Year: 2021
ISSN: 1611-3349, 0302-9743
DOI: https://doi.org/10.1007/978-3-030-86514-6_4