Artificial neural network for decision of software maliciousness

With the rapid development of virus technology, the amount of malicious code has continued to increase, so it is imperative to optimize the traditional manual analysis method with an automatic maliciousness decision system. Motivated by the inference technique for detecting viruses and by a recent successful classification method, we explore Radux, an automatic software maliciousness decision system. It rests on an artificial neural network based on the behavior hidden in malicious code. A decompilation technique is applied to characterize the behavioral and structural properties of binary code, which creates more abstract descriptions of malware. The experiment shows that this system can decide software maliciousness efficiently.
