Ficco, 2019 - Google Patents
Detecting IoT malware by Markov chain behavioral modelsFicco, 2019
View PDF- Document ID
- 17157303235286084879
- Author
- Ficco M
- Publication year
- Publication venue
- 2019 IEEE International Conference on Cloud Engineering (IC2E)
External Links
Snippet
Internet of Things (IoT) is become one of the most important technological sector in recent years, and the focus of attention in many fields, including military applications, healthcare, agriculture, industry, and space science, made it very attractive for cyber-attacks. Especially …
- 230000003542 behavioural 0 title description 5
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30286—Information retrieval; Database structures therefor; File system structures therefor in structured data stores
- G06F17/30587—Details of specialised database models
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F19/00—Digital computing or data processing equipment or methods, specially adapted for specific applications
- G06F19/10—Bioinformatics, i.e. methods or systems for genetic or protein-related data processing in computational molecular biology
- G06F19/20—Bioinformatics, i.e. methods or systems for genetic or protein-related data processing in computational molecular biology for hybridisation or gene expression, e.g. microarrays, sequencing by hybridisation, normalisation, profiling, noise correction models, expression ratio estimation, probe design or probe optimisation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/10—Complex mathematical operations
- G06F17/14—Fourier, Walsh or analogous domain transformations, e.g. Laplace, Hilbert, Karhunen-Loeve, transforms
- G06F17/141—Discrete Fourier transforms
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Ficco | Detecting IoT malware by Markov chain behavioral models | |
| Aslan et al. | A new malware classification framework based on deep learning algorithms | |
| Aslan et al. | A comprehensive review on malware detection approaches | |
| Su et al. | A deep learning approach to android malware feature learning and detection | |
| Canfora et al. | An hmm and structural entropy based detector for android malware: An empirical study | |
| Bernardi et al. | Dynamic malware detection and phylogeny analysis using process mining | |
| Yerima et al. | Android malware detection using parallel machine learning classifiers | |
| KR102160659B1 (en) | Detection of anomalous program execution using hardware-based micro-architectural data | |
| Wu et al. | Droidmat: Android malware detection through manifest and api calls tracing | |
| Darem et al. | An adaptive behavioral-based incremental batch learning malware variants detection model using concept drift detection and sequential deep learning | |
| D’Angelo et al. | Association rule-based malware classification using common subsequences of API calls | |
| Bayazit et al. | Malware detection in android systems with traditional machine learning models: a survey | |
| Chaba et al. | Malware detection approach for android systems using system call logs | |
| Wang et al. | TKRD: Trusted kernel rootkit detection for cybersecurity of VMs based on machine learning and memory forensic analysis | |
| Javaheri et al. | A novel method for detecting future generations of targeted and metamorphic malware based on genetic algorithm | |
| Xiao et al. | Identifying Android malware with system call co‐occurrence matrices | |
| Visalakshi | Detecting android malware using an improved filter based technique in embedded software | |
| Alazab et al. | Detecting malicious behaviour using supervised learning algorithms of the function calls | |
| Wang et al. | An android malware dynamic detection method based on service call co-occurrence matrices | |
| Bernardi et al. | A fuzzy-based process mining approach for dynamic malware detection | |
| Altaher et al. | Android malware classification based on ANFIS with fuzzy c-means clustering using significant application permissions | |
| Zhao et al. | Evaluation of supervised machine learning techniques for dynamic malware detection | |
| Ficco | Comparing API call sequence algorithms for malware detection | |
| Dehkordy et al. | DroidTKM: Detection of trojan families using the KNN classifier based on manhattan distance metric | |
| Shafin et al. | Detection of android malware using tree-based ensemble stacking model |