Li et al., 2021 - Google Patents
An IRL-based malware adversarial generation method to evade anti-malware engines
Li et al., 2021
- Document ID
- 12511445000551353809
- Author
- Li X
- Li Q
- Publication year
- Publication venue
- Computers & Security
Snippet
In order to reduce the risk of malware, researchers proposed various malware detection methods, in which the machine learning-based method has been paid more and more attention. However, malware developers used a variety of countermeasures to evade …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/564—Static detection by virus signature recognition
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/567—Computer malware detection or handling, e.g. anti-virus arrangements using dedicated hardware
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/568—Computer malware detection or handling, e.g. anti-virus arrangements eliminating virus, restoring damaged files
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Singh et al. | | A survey on machine learning-based malware detection in executable files |
Gibert et al. | | The rise of machine learning for detection and classification of malware: Research developments, trends and challenges |
Nguyen et al. | | A novel graph-based approach for IoT botnet detection |
Alazab | | Profiling and classifying the behavior of malicious codes |
Anderson et al. | | Learning to evade static pe machine learning malware models via reinforcement learning |
Liu et al. | | ATMPA: attacking machine learning-based malware visualization detection methods via adversarial examples |
Khasawneh et al. | | RHMD: Evasion-resilient hardware malware detectors |
Fan et al. | | Malicious sequential pattern mining for automatic malware detection |
Bazrafshan et al. | | A survey on heuristic malware detection techniques |
Fredrikson et al. | | Synthesizing near-optimal malware specifications from suspicious behaviors |
Li et al. | | An IRL-based malware adversarial generation method to evade anti-malware engines |
John et al. | | Graph convolutional networks for android malware detection with system call graphs |
Yan et al. | | A survey of adversarial attack and defense methods for malware classification in cyber security |
Siddiqui | | Data mining methods for malware detection |
Park et al. | | A survey on practical adversarial examples for malware classifiers |
Aldriwish | | A deep learning approach for malware and software piracy threat detection |
Dib et al. | | EVOLIoT: A self-supervised contrastive learning framework for detecting and characterizing evolving IoT malware variants |
Bilot et al. | | A survey on malware detection with graph representation learning |
Thunga et al. | | Identifying metamorphic virus using n-grams and hidden markov model |
Mohaisen et al. | | Network-based analysis and classification of malware using behavioral artifacts ordering |
John et al. | | Adversarial attacks and defenses in malware detection classifiers |
Gu et al. | | From image to code: executable adversarial examples of android applications |
Osorio et al. | | Segmented sandboxing-a novel approach to malware polymorphism detection |
Paul et al. | | Survey of polymorphic worm signatures |
Shu et al. | | EAGLE: Evasion attacks guided by local explanations against Android malware classification |