Malware Identification Using Cognitively-Inspired Inference

Authors

  • Robert Thomson
  • Christian Lebiere
  • Stefano Bennati
  • Paulo Shakarian
  • Eric Nunes
Abstract

Malware reverse-engineering is an important type of analysis in cybersecurity. Rapidly identifying the tasks that a piece of malware is designed to perform is an important part of reverse engineering that is generally manually performed as it relies heavily on human intuition. This paper describes how the use of cognitively-inspired inference can assist in automating some of malware task identification. Computational models derived from human-inspired inference were able to reach relatively higher asymptotic performance faster than traditional machine learning approaches such as decision trees and naïve Bayes classifiers. Using a real-world malware dataset, these cognitive models identified sets of tasks with an unbiased F1 measure of 0.94. Even when trained on historical datasets of malware samples from different families, the cognitive models still maintained the precision of decision tree and Bayes classifiers while providing a significant improvement to recall.

Similar resources

Host-Rx: Automated Malware Diagnosis Based on Probabilistic Behavior Models

We explore a new approach to using a VM-based honeyfarm for harvesting complex infection forensics live from the Internet and rapidly applying this gained knowledge to develop a new probabilistic methodology for diagnosing the presence of malware in host computer systems. Our approach builds on a rich model of infection representation that captures the complexities in host forensic attribute pr...

Intelligent Hybrid Approach for Android Malware Detection based on Permissions and API Calls

Android malware is rapidly becoming a potential threat to users. The number of Android malware is growing exponentially; they become significantly sophisticated and cause potential financial and information losses for users. Hence, there is a need for effective and efficient techniques to detect the Android malware applications. This paper proposes an intelligent hybrid approach for Android mal...

Application of Adaptive Neuro-Fuzzy Inference System for Information Security

Problem statement: Computer networks are expanding at a very fast rate and the number of network users is increasing day by day; for full utilization of networks, they need to be secured against many threats including malware, which is harmful software with the capability to damage data and systems. Fuzzy rule based classification systems have been considered an active research area in recent years, due to...

Obfuscation-Resilient, Efficient, and Accurate Detection and Family Identification of Android Malware

The number of Android malware apps is increasing very quickly. Simply detecting and removing malware apps is insufficient, since they can damage or alter other files, data, or settings; install additional applications; etc. To determine such behavior, a security engineer can significantly benefit from identifying the specific family to which an Android malware belongs. Techniques for detecting...

DyHAP: Dynamic Hybrid ANFIS-PSO Approach for Predicting Mobile Malware

To deal with the large number of malicious mobile applications (e.g. mobile malware), a number of malware detection systems have been proposed in the literature. In this paper, we propose a hybrid method to find the optimum parameters that can be used to facilitate mobile malware identification. We also present a multi agent system architecture comprising three system agents (i.e. sniffer, extr...

Publication date: 2015