An Advanced Profile Hidden Markov Model for Malware Detection

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216208%3A11320%2F20%3A10424315" target="_blank" >RIV/00216208:11320/20:10424315 - isvavai.cz</a>

Výsledek na webu

<a href="https://verso.is.cuni.cz/pub/verso.fpl?fname=obd_publikace_handle&handle=-Pq5C_4REv" target="_blank" >https://verso.is.cuni.cz/pub/verso.fpl?fname=obd_publikace_handle&handle=-Pq5C_4REv</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.3233/IDA-194639" target="_blank" >10.3233/IDA-194639</a>

Jazyk výsledku

angličtina

Název v původním jazyce

An Advanced Profile Hidden Markov Model for Malware Detection

Popis výsledku v původním jazyce

The rapid growth of malicious software (malware) production in recent decades and the increasing number of threats posed by malware to network environments, such as the Internet and intelligent environments, emphasize the need for more research on the security of computer networks in information security and digital forensics. The method presented in this study identifies &quot;species&quot; of malware families, which are more sophisticated, obfuscated, and structurally diverse. We propose a hybrid technique combining aspects of signature detection with machine learning-based methods to classify malware families. The method is carried out by utilizing Profile Hidden Markov Models (PHMMs) on the behavioral characteristics of malware species. This paper explains the process of modeling and training an advanced PHMM using sequences obtained from the extraction of each malware family&apos;s paramount features, and the canonical sequences created in the process of Multiple Sequence Alignment (MSA) production. Due to the

Název v anglickém jazyce

An Advanced Profile Hidden Markov Model for Malware Detection

Popis výsledku anglicky

The rapid growth of malicious software (malware) production in recent decades and the increasing number of threats posed by malware to network environments, such as the Internet and intelligent environments, emphasize the need for more research on the security of computer networks in information security and digital forensics. The method presented in this study identifies &quot;species&quot; of malware families, which are more sophisticated, obfuscated, and structurally diverse. We propose a hybrid technique combining aspects of signature detection with machine learning-based methods to classify malware families. The method is carried out by utilizing Profile Hidden Markov Models (PHMMs) on the behavioral characteristics of malware species. This paper explains the process of modeling and training an advanced PHMM using sequences obtained from the extraction of each malware family&apos;s paramount features, and the canonical sequences created in the process of Multiple Sequence Alignment (MSA) production. Due to the

Druh

J_imp - Článek v periodiku v databázi Web of Science

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

<a href="/cs/project/EF16_027%2F0008495" target="_blank" >EF16_027/0008495: Mezinárodní mobilita výzkumných pracovníků Univerzity Karlovy</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2020

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

Intelligent Data Analysis

ISSN

1088-467X

e-ISSN

—

Svazek periodika

24

Číslo periodika v rámci svazku

4

Stát vydavatele periodika

NL - Nizozemsko

Počet stran výsledku

20

Strana od-do

759-778

Kód UT WoS článku

000551095000002

EID výsledku v databázi Scopus

2-s2.0-85089309653