Evaluating Header Information Features for Malware Infection Detection
Authors
Abstract
Similar references
HTTP header heuristics for malware detection
Sophisticated malware, such as those used by Advanced Persistent Threat (APT) groups, will attempt to avoid detection wherever and whenever it can. However, even the stealthiest malware will have to communicate at some point, and when it does so, it provides an opportunity for detection. This paper looks at a number of techniques to identify the presence of malware which attempts to masquer...
PE-Header-Based Malware Study and Detection
In this paper, I present a simple and faster approach to distinguish between malware and legitimate .exe files by simply looking at properties of the MS Windows Portable Executable (PE) headers. We extract distinguishing features from the PE headers using the structural information standardized by the Microsoft Windows operating system for executables. I use the following three methodologies: (1)...
Examining Features for Android Malware Detection
With the constantly increasing use of mobile devices, the need for effective malware detection algorithms is constantly growing. The research presented in this paper expands upon previous work that applied machine learning techniques to the area of Android malware detection by examining Java API call data as a method for malware detection. In addition to examining a new feature, a significant a...
Optimal Features for Metamorphic Malware Detection
Malware or malicious code intends to harm computer systems without the knowledge of system users. This malicious software is unknowingly installed by naive users while browsing the Internet. Once installed, the malware performs unintentional activities like (a) steal username, password; (b) install spy software to provide remote access to the attackers; (c) flood spam messages; (d) perform d...
Network Traffic Anomaly Detection Using TCP Header Information
Fast and efficient intrusion detection systems are required by bulkier networks these days. Our project, which is a rule-based intrusion detection system based on the idea of NATE ([9, 10]), uses simple TCP header information to detect new TCP anomalies. We use a different clustering strategy and a more stringent dissimilarity calculation, and get better results by performing an empirical compa...
Journal
Journal title: Journal of Information Processing
Year: 2015
ISSN: 1882-6652
DOI: 10.2197/ipsjjip.23.603