Shenderovitz et al., 2024 - Google Patents

Bon-APT: Detection, attribution, and explainability of APT malware using temporal segmentation of API calls

Shenderovitz et al., 2024

Document ID: 6327288007255294853
Authors: Shenderovitz G, Nissim N
Publication year
Publication venue: Computers & Security

Snippet

Abstract: Advanced Persistent Threats (APTs) are highly sophisticated cyberattacks that are aimed at achieving strategic goals and are usually backed by a well-funded entity. In this paper, we tackle the challenges of detecting and attributing APTs by proposing Bon-APT, a …
Continue reading at www.sciencedirect.com (other versions)

Classifications

The classifications are assigned by a computer and are not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the classifications listed.
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562 Static detection
    • G06F21/563 Static detection by source code analysis
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/554 Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/552 Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRICAL DIGITAL DATA PROCESSING
    • G06F17/00 Digital computing or data processing equipment or methods, specially adapted for specific functions
    • G06F17/30 Information retrieval; Database structures therefor; File system structures therefor
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06K RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K9/00 Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
    • G06K9/62 Methods or arrangements for recognition using electronic means
    • G06K9/6267 Classification techniques
    • G06K9/6279 Classification techniques relating to the number of classes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06K RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K9/00 Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
    • G06K9/62 Methods or arrangements for recognition using electronic means
    • G06K9/6217 Design or setup of recognition systems and techniques; Extraction of features in feature space; Clustering techniques; Blind source separation
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06K RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K9/00 Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
    • G06K9/62 Methods or arrangements for recognition using electronic means
    • G06K9/6267 Classification techniques
    • G06K9/6268 Classification techniques relating to the classification paradigm, e.g. parametric or non-parametric approaches
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06K RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K9/00 Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
    • G06K9/36 Image preprocessing, i.e. processing the image information without deciding about the identity of the image
    • G06K9/46 Extraction of features or characteristics of the image
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06N COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N99/00 Subject matter not provided for in other groups of this subclass
    • G06N99/005 Learning machines, i.e. computer in which a programme is changed according to experience gained by the machine itself during a complete run
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06N COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N5/00 Computer systems utilising knowledge based models
    • G06N5/02 Knowledge representation
    • G06N5/022 Knowledge engineering, knowledge acquisition

Similar Documents

Publication | Publication Date | Title
Aslan et al. | | A new malware classification framework based on deep learning algorithms
Han et al. | | MalInsight: A systematic profiling based malware detection framework
Ni et al. | | Malware identification using visualization images and deep learning
Jindal et al. | | Neurlux: dynamic malware analysis without feature engineering
Fan et al. | | Malicious sequential pattern mining for automatic malware detection
Anderson et al. | | Improving malware classification: bridging the static/dynamic gap
Ghiasi et al. | | Dynamic VSA: a framework for malware detection based on register contents
Smith et al. | | Mind the gap: On bridging the semantic gap between machine learning and malware analysis
Shenderovitz et al. | | Bon-APT: Detection, attribution, and explainability of APT malware using temporal segmentation of API calls
Downing et al. | | DeepReflect: Discovering malicious functionality through binary reconstruction
LeDoux et al. | | Malware and machine learning
Zakeri et al. | | A static heuristic approach to detecting malware targets
Liras et al. | | Feature analysis for data-driven APT-related malware discrimination
Patil et al. | | Malware analysis using machine learning and deep learning techniques
Gandotra et al. | | Tools & Techniques for Malware Analysis and Classification.
Priya et al. | | Review on malware classification and malware detection using transfer learning approach
Bragen | | Malware detection through opcode sequence analysis using machine learning
Sharma | | Windows malware detection using machine learning and TF-IDF enriched API calls information
Li et al. | | MDGraph: A novel malware detection method based on memory dump and graph neural network
CN119603031B (en) | | Network malicious attack monitoring method and system based on deep neural model
Baychev et al. | | Spearphishing malware: Do we really know the unknown?
Bhusal et al. | | Adversarial patterns: Building robust android malware classifiers
Smith et al. | | Mind the gap: On bridging the semantic gap between machine learning and information security
Dhavlle et al. | | A novel malware detection mechanism based on features extracted from converted malware binary images
Rozenberg et al. | | A method for detecting unknown malicious executables
