A Distributed Malware Detection Model Based on Sandbox Technology
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F25840886%3A_____%2F23%3AN0000010" target="_blank" >RIV/25840886:_____/23:N0000010 - isvavai.cz</a>
Result on the web
<a href="https://ceur-ws.org/Vol-3373/paper32.pdf" target="_blank" >https://ceur-ws.org/Vol-3373/paper32.pdf</a>
DOI - Digital Object Identifier
—
Alternative languages
Result language
English
Original language name
A Distributed Malware Detection Model Based on Sandbox Technology
Original language description
The article proposes a model for distributed malware detection using sandbox technology. An analysis of modern malware detection tools and an overview of existing attacks were carried out. The choice of the detection method used by the model is justified; its main disadvantages are identified, and the use of a distributed system is proposed as their solution. The key features of using heterogeneous computer systems for the calculations, and their adaptation to this task, were considered. Malware detection is proposed to be solved by analyzing the states of sandboxes and distributing these states evenly among the computational elements of the system. Analysis of how these states change will signal potentially malicious software that uses anti-emulation techniques, thereby allowing the malware to be detected. The basic set of levels of the proposed model is presented. The main tasks for the protection of the calculations are defined, taking into account that the model will work in a system with a dynamic topology. The basic concept of load distribution between computing elements is proposed in order to ensure the synchronous operation of the system, taking into account its heterogeneity. Two main strategies for protecting the computations, at the level of the computational elements and at the level of the intermediate servers, are defined. A basic algorithm for adding new elements to the system is proposed, and the use of a rating model is presented, which will ensure an appropriate level of protection of the calculations.
Czech name
—
Czech description
—
Classification
Type
D - Article in proceedings
CEP classification
—
OECD FORD branch
10201 - Computer sciences, information science, bioinformatics (hardware development to be 2.2, social aspect to be 5.8)
Result continuities
Project
—
Continuities
N - Research activity supported from non-public sources
Others
Publication year
2023
Confidentiality
S - Complete and true data on the project are not subject to protection under special legal regulations
Data specific for result type
Article name in the collection
IntelITSIS 2023 Intelligent Information Technologies & Systems of Information Security 2023
ISBN
—
ISSN
1613-0073
e-ISSN
—
Number of pages
11
Pages from-to
475-485
Publisher name
CEUR-WS.org
Place of publication
Khmelnytskyi, Ukraine
Event location
Khmelnytskyi
Event date
Mar 22, 2023
Type of event by nationality
EUR - European event
UT code for WoS article
—