Results 1 - 4 of 4
Opcode sequences as representation of executables for data-mining-based unknown malware detection
- INFORMATION SCIENCES 227, 2013
Abstract - Cited by 12 (0 self)
Malware can be defined as any type of malicious code that has the potential to harm a computer or network. The volume of malware is growing faster every year and poses a serious global security threat. Consequently, malware detection has become a critical topic in computer security. Currently, signature-based detection is the most widespread method used in commercial antivirus. In spite of the broad use of this method, it can detect malware only after the malicious executable has already caused damage and provided the malware is adequately documented. Therefore, the signature-based method consistently fails to detect new malware. In this paper, we propose a new method to detect unknown malware families. This model is based on the frequency of the appearance of opcode sequences. Furthermore, we describe a technique to mine the relevance of each opcode and assess the frequency of each opcode sequence. In addition, we provide empirical validation that this new method is capable of detecting unknown malware.
ATTACK PATTERN ONTOLOGY – A COMMON LANGUAGE FOR ATTACK INFORMATION SHARING BETWEEN ORGANISATIONS
- 2015
Abstract
Cyber attack nowadays is increasingly being reported. Organisations must protect every potential vulnerability to secure a system; yet, to attack a system, attackers only need to find a single vulnerability. Therefore, defenders need a good understanding of attacker’s perspective in order to accurately anticipate threats and effectively mitigate attacks. They can gain such understanding through sharing attack information with other organisations. According to the current situation and trends, we propose sharing attack pattern as a means to enhance cyber security, which has 3 advantages over other ways of information sharing: attack pattern captures attacker’s perspective that helps defender to accurately anticipate threats; attack pattern is generic thus sharing it decreases the possibility of disclosing vulnerabilities of single organisation; attack pattern excludes redundant details that may be inapplicable for most of the organisations. However, 2 knowledge gaps exist on the topic of sharing attack pattern (a) there is no shared understanding about the attack pattern concept and (b) information sharing is not considered as one usage of attack pattern. In order to fill in these knowledge gaps, the main research question of this thesis is:
Article Distributed Global Function Model Finding for Wireless Sensor Network Data
"... applied sciences ..."