Comprehensive approach to the detection and analysis of polymorphic malware

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F25840886%3A_____%2F24%3AN0000009" target="_blank" >RIV/25840886:_____/24:N0000009 - isvavai.cz</a>

Výsledek na webu

<a href="https://ceur-ws.org/Vol-3736/paper23.pdf" target="_blank" >https://ceur-ws.org/Vol-3736/paper23.pdf</a>

DOI - Digital Object Identifier

—

Jazyk výsledku

angličtina

Název v původním jazyce

Comprehensive approach to the detection and analysis of polymorphic malware

Popis výsledku v původním jazyce

The article examines the features of modern polymorphic malware and its impact on the functioning of computer systems. Existing approaches and methods of its detection and analysis are considered, such as: string search algorithm, intelligent data analysis, sandbox analysis, machine learning, structural feature engineering. Their advantages and disadvantages are determined. The necessity of using a new approach, namely the detection of malicious software using probabilistic logical networks, is argued. Its advantages and development prospects are determined. In the study, a comprehensive approach consisting of 3 stages is proposed for the detection of polymorphic malware. The first one uses string search algorithms. The second is a complex of methods, including intelligent data analysis, sandbox analysis, machine learning, and structural feature engineering. In the third step, the use of probabilistic logical networks is proposed, which will allow establishing the probability that the software belongs to polymorphic malware. The use of the proposed integrated approach will also allow to determine the necessary methods for neutralization of detected malicious software. This approach will maximize the probability of detecting polymorphic malware.

Název v anglickém jazyce

Comprehensive approach to the detection and analysis of polymorphic malware

Popis výsledku anglicky

The article examines the features of modern polymorphic malware and its impact on the functioning of computer systems. Existing approaches and methods of its detection and analysis are considered, such as: string search algorithm, intelligent data analysis, sandbox analysis, machine learning, structural feature engineering. Their advantages and disadvantages are determined. The necessity of using a new approach, namely the detection of malicious software using probabilistic logical networks, is argued. Its advantages and development prospects are determined. In the study, a comprehensive approach consisting of 3 stages is proposed for the detection of polymorphic malware. The first one uses string search algorithms. The second is a complex of methods, including intelligent data analysis, sandbox analysis, machine learning, and structural feature engineering. In the third step, the use of probabilistic logical networks is proposed, which will allow establishing the probability that the software belongs to polymorphic malware. The use of the proposed integrated approach will also allow to determine the necessary methods for neutralization of detected malicious software. This approach will maximize the probability of detecting polymorphic malware.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

20202 - Communication engineering and systems

Projekt

—

Návaznosti

N - Vyzkumna aktivita podporovana z neverejnych zdroju

Rok uplatnění

2024

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

2024 1st International Workshop on Intelligent and CyberPhysical Systems

ISBN

—

ISSN

1613-0073

e-ISSN

—

Počet stran výsledku

12

Strana od-do

312-323

Název nakladatele

CEUR

Místo vydání

Khmelnytskyi, Ukraine

Místo konání akce

Khmelnytskyi, Ukraine

Datum konání akce

28. 6. 2024

Typ akce podle státní příslušnosti

EUR - Evropská akce

Kód UT WoS článku

—