

Intelligent File Scoring System for Malware Detection from the Gray List
Lecture URL: http://videolectures.net/kdd09_ding_ifssmdgl/
Lecturer: Chris Ding
Institution: University of Texas
Date: 2009-09-14
Language: English
Abstract (Chinese):
Currently, the most important defense against malware is anti-virus products, which focus on authenticating valid software from a white list, blocking invalid software from a black list, and running unknown software in a controlled manner. The gray list contains unknown software programs that may be benign or malicious and are usually authenticated or rejected manually by virus analysts. Unfortunately, as malware-writing techniques evolve, the number of file samples in the gray list that virus analysts must examine every day keeps growing. This paper develops an intelligent file scoring system (IFSS for short) for malware detection from the gray list, built from an ensemble of heterogeneous base-level classifiers derived by different learning methods, using different feature representations on dynamic training sets. To our knowledge, this is the first time such an ensemble method has been applied to malware detection. IFSS enables virus analysts to identify malware samples from a huge gray list and improves the detection ability of anti-virus software. It has already been incorporated into the scanning tool of Kingsoft's anti-virus software. Case studies on a large, real daily collection of the gray list show that the detection ability and efficiency of our IFSS system are superior to those of other popular scanning tools such as NOD32 and Kaspersky.
Course description: Currently, the most significant line of defense against malware is anti-virus products which focus on authenticating valid software from a white list, blocking invalid software from a black list, and running any unknown software (i.e., the gray list) in a controlled manner. The gray list, containing unknown software programs which could be either normal or malicious, is usually authenticated or rejected manually by virus analysts. Unfortunately, along with the development of malware writing techniques, the number of file samples in the gray list that need to be analyzed by virus analysts on a daily basis is constantly increasing. In this paper, we develop an intelligent file scoring system (IFSS for short) for malware detection from the gray list by an ensemble of heterogeneous base-level classifiers derived by different learning methods, using different feature representations on dynamic training sets. To the best of our knowledge, this is the first work applying such ensemble methods to malware detection. IFSS makes it practical for virus analysts to identify malware samples from the huge gray list and improves the detection ability of anti-virus software. It has already been incorporated into the scanning tool of Kingsoft's Anti-Virus software. The case studies on a large and real daily collection of the gray list illustrate that the detection ability and efficiency of our IFSS system outperform other popular scanning tools such as NOD32 and Kaspersky.
Keywords: Computer Science; Data Mining; Security and Privacy
Source: VideoLectures.NET
Last reviewed: 2020-06-13, 邬启凡 (course editing volunteer)
Views: 31