Artificial Intelligence (Shtuchnyi intelekt)

Scientific journal

ISSN 2710-1673

ONLINE: ISSN 2710-1681

A machine learning method for malware detection using feature extraction from executable files

Voronov A. A. (1), Gorokhovik Ya. V. (2)
1 United Institute of Informatics Problems
2 Belarusian State University of Informatics and Radioelectronics

UDC: 004.93
Publication language: English
Stuc. intelekt. 2018; 23; (3): 97-102

Abstract: Malicious software is generally an executable program that installs itself in the system, replicates by copying itself, and has a malicious effect. Modern antivirus systems detect malware by knowing its pattern, which makes detecting a new virus quite difficult. Many heuristic techniques are used for detecting unknown malware, and they usually consume a lot of system memory and CPU resources. This load can be overcome by training a machine learning model on features collected from the Portable Executable (PE) file, which are used for identifying unknown virus patterns. A technique for collecting these features from a PE file is proposed in this paper.
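As an added example (not code from the paper or its authors), a stdlib-only Python extractor for header-level PE features of the kind such a model can be trained on. The paper's actual feature set is not given on this page, so the features chosen here (section count, entry-point placement, executable-section count, per-section entropy, DLL flag) are an assumption, and the sample PE image is constructed inline rather than taken from a real binary.

```python
import math
import struct

EXEC = 0x20000000  # IMAGE_SCN_MEM_EXECUTE in IMAGE_SECTION_HEADER.Characteristics

def shannon_entropy(data: bytes) -> float:
    """Bits per byte of a section; values near 8 hint at packed or encrypted content."""
    return sum(-c / len(data) * math.log2(c / len(data)) for c in (data.count(b) for b in set(data)))

def extract_pe_features(pe: bytes) -> dict:
    """Walk DOS -> COFF -> optional -> section headers and return a numeric feature set."""
    if pe[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew, = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, stamp, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", pe, coff)
    opt = coff + 20
    entry_rva, = struct.unpack_from("<I", pe, opt + 16)  # AddressOfEntryPoint
    sections = []
    for i in range(nsec):
        off = opt + opt_size + 40 * i
        _name, vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", pe, off)
        flags, = struct.unpack_from("<I", pe, off + 36)
        sections.append((vaddr, max(vsize, rawsize), flags, shannon_entropy(pe[rawptr:rawptr + rawsize])))
    ep = next((s for s in sections if s[0] <= entry_rva < s[0] + s[1]), None)
    return {
        "machine": machine, "timestamp": stamp, "is_dll": bool(chars & 0x2000),
        "num_sections": nsec, "entry_point": entry_rva,
        "num_exec_sections": sum(1 for s in sections if s[2] & EXEC),
        "entry_in_exec_section": ep is not None and bool(ep[2] & EXEC),  # False is a packer tell
        "max_section_entropy": max((s[3] for s in sections), default=0.0),
    }

def build_sample_pe() -> bytes:
    """Constructed minimal PE32 image (headers plus two sections), not a real program."""
    text_raw = b"\x90" * 63 + b"\xc3"  # low-entropy code stub
    data_raw = bytes(range(256))        # every byte value once: entropy 8.0, like a packed blob
    def sec(name, vaddr, raw, rawptr, flags):  # one 40-byte IMAGE_SECTION_HEADER
        return struct.pack("<8sIIIIIIHHI", name, len(raw), vaddr, len(raw), rawptr, 0, 0, 0, 0, flags)
    img = bytearray(0x500)
    struct.pack_into("<2s58xI", img, 0, b"MZ", 0x40)                         # DOS header, e_lfanew
    img[0x40:0x44] = b"PE\0\0"
    struct.pack_into("<HHIIIHH", img, 0x44, 0x14C, 2, 0, 0, 0, 0xE0, 0x0102)  # COFF header
    struct.pack_into("<H14xI", img, 0x58, 0x10B, 0x1010)  # optional header: PE32 magic, entry point
    img[0x138:0x160] = sec(b".text", 0x1000, text_raw, 0x200, 0x60000020)  # CODE|EXECUTE|READ
    img[0x160:0x188] = sec(b".data", 0x2000, data_raw, 0x400, 0xC0000040)  # INIT_DATA|READ|WRITE
    img[0x200:0x240], img[0x400:0x500] = text_raw, data_raw
    return bytes(img)
```

The dict returned by `extract_pe_features` is what would be turned into a numeric vector and fed to the classifier; entropy and entry-point placement are the cheap signals that heuristic scanners otherwise spend CPU emulating to obtain.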
