MALWARE ANALYSIS AND DETECTION USING GRAPH-BASED CHARACTERIZATION AND MACHINE LEARNING
Malware detection methods systems, and apparatus are described. Malware may be detected by obtaining a plurality of malware binary executables and a plurality of goodware binary executables, decompiling the plurality of malware binary executables and the plurality of goodware binary executable to ex...
Saved in:
| Main Author | |
|---|---|
| Format | Patent |
| Language | English |
| Published |
09.03.2017
|
| Subjects | |
| Online Access | Get full text |
Cover
| Abstract | Malware detection methods systems, and apparatus are described. Malware may be detected by obtaining a plurality of malware binary executables and a plurality of goodware binary executables, decompiling the plurality of malware binary executables and the plurality of goodware binary executable to extract corresponding assembly code for each of the plurality of malware binary executables and the plurality of goodware binary executable, constructing call graphs for each of the plurality of malware binary executables and the plurality of goodware binary executables from the corresponding assembly code, determining similarities between the call graphs using graph kernels applied to the call graphs for each of the plurality of malware binary executables and the plurality of goodware binary executables, building a malware detection model from the determined similarities between call graphs by applying a machine learning algorithm such as a deep neural network (DNN) algorithm to the determined similarities, and identifying whether a subject executable is malware by applying the built malware detection model to the subject executable. |
|---|---|
| AbstractList | Malware detection methods systems, and apparatus are described. Malware may be detected by obtaining a plurality of malware binary executables and a plurality of goodware binary executables, decompiling the plurality of malware binary executables and the plurality of goodware binary executable to extract corresponding assembly code for each of the plurality of malware binary executables and the plurality of goodware binary executable, constructing call graphs for each of the plurality of malware binary executables and the plurality of goodware binary executables from the corresponding assembly code, determining similarities between the call graphs using graph kernels applied to the call graphs for each of the plurality of malware binary executables and the plurality of goodware binary executables, building a malware detection model from the determined similarities between call graphs by applying a machine learning algorithm such as a deep neural network (DNN) algorithm to the determined similarities, and identifying whether a subject executable is malware by applying the built malware detection model to the subject executable. |
| Author | CAVAZOS JOHN |
| Author_xml | – fullname: CAVAZOS JOHN |
| BookMark | eNrjYmDJy89L5WQI83X0CXcMclVw9HP0iQz2DAYyXBRcXENcnUM8_f0UQoM9_dwV3IMcAzx0nRyDXV0UnD0cgxydQ1yDPKMcwUpAGnwdnT08_VwVfFwdg_yAOngYWNMSc4pTeaE0N4Oym2uIs4duakF-fGpxQWJyal5qSXxosJGBobmBmYWFoZmjoTFxqgCAkDND |
| ContentType | Patent |
| DBID | EVB |
| DatabaseName | esp@cenet |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: EVB name: esp@cenet url: http://worldwide.espacenet.com/singleLineSearch?locale=en_EP sourceTypes: Open Access Repository |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Medicine Chemistry Sciences Physics |
| ExternalDocumentID | US2017068816A1 |
| GroupedDBID | EVB |
| ID | FETCH-epo_espacenet_US2017068816A13 |
| IEDL.DBID | EVB |
| IngestDate | Fri Jul 19 15:16:00 EDT 2024 |
| IsOpenAccess | true |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-epo_espacenet_US2017068816A13 |
| Notes | Application Number: US201615256883 |
| OpenAccessLink | https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20170309&DB=EPODOC&CC=US&NR=2017068816A1 |
| ParticipantIDs | epo_espacenet_US2017068816A1 |
| PublicationCentury | 2000 |
| PublicationDate | 20170309 |
| PublicationDateYYYYMMDD | 2017-03-09 |
| PublicationDate_xml | – month: 03 year: 2017 text: 20170309 day: 09 |
| PublicationDecade | 2010 |
| PublicationYear | 2017 |
| RelatedCompanies | UNIVERSITY OF DELAWARE CAVAZOS JOHN |
| RelatedCompanies_xml | – name: CAVAZOS JOHN – name: UNIVERSITY OF DELAWARE |
| Score | 3.0068755 |
| Snippet | Malware detection methods systems, and apparatus are described. Malware may be detected by obtaining a plurality of malware binary executables and a plurality... |
| SourceID | epo |
| SourceType | Open Access Repository |
| SubjectTerms | CALCULATING COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS COMPUTING COUNTING ELECTRIC DIGITAL DATA PROCESSING PHYSICS |
| Title | MALWARE ANALYSIS AND DETECTION USING GRAPH-BASED CHARACTERIZATION AND MACHINE LEARNING |
| URI | https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20170309&DB=EPODOC&locale=&CC=US&NR=2017068816A1 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfR1dT8Iw8ELw801R4weaJZq9Lab7KO0DMaUrDMMG2QDRF7KvBxMziMz49-0qKE-8NG0vd2mbXnt3vbsCPNgkJtSMqeG0qGnYOEFGTJxMFiRLWwTFNK0M-n6AvYn9PHNmNfjYxMKoPKHfKjmi5KhU8nupzuvlvxHLVb6Vq8fkXXYtnrrjtquvtWNU7V-qu522GA3dIdc5b08iPQh_YZgQhJnUlfZMx8IVG4tpp4pLWW5fKt0T2B9JekV5CrW8aMAR3_y91oBDf_3k3YAD5aOZrmTnmg9XZzD12eCFhUJjARu8Rv1IVlzNFWOhfEK06jONntYL2cgzOiwSrsY9FjIuZdf-m7JKKQSfca8fCG0gWBhIjHO474ox9ww51Pnfyswn0fa8rAuoF4sivwQNoyRGWWolyJYiA8IkziyTYpQRO6UWxlfQ3EXpejf4Bo6rpnLFok2ol59f-a28m8vkTi3pD-O9iWE |
| linkProvider | European Patent Office |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfR1dT8Iw8ELwA98UNX6gLtHsbTFlo7QPxJSusOk2yDYQfSH74MHEAJEZ_75dBfWJl6bp5S7tpdfeXe-uAHcWSQhtJtRotWnTsHCKjIS0ctmQPGsTlNCsdOj7AXZG1uOkNanA-yYXRtUJ_VLFEaVEZVLeC3VeL_-cWLaKrVzdp29yaPHQizu2vraOUbl_qW53O2I4sAdc57wzivQg_IFhQhBm0lbakUcAUWbbuFvmpSz_Xyq9Q9gdSnrz4ggqs3kdanzz91od9v31k3cd9lSMZraSg2s5XB3D2GfeMwuFxgLmvURuJDu2ZotYqJgQrfxMo6_1QzZ0jC6LhK1xh4WMS93VfVVeKYXgM-64gdA8wcJAYpzAbU_E3DHkVKe_nJmOov_rMk-hOl_MZ2egYZQmKM_MFFlSZUCYJLnZpBjlxMqoifE5NLZRutgOvoGaE_ve1HODp0s4KEEqLIs2oFp8fM6u5D1dpNeKvd-HdYxY |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Apatent&rft.title=MALWARE+ANALYSIS+AND+DETECTION+USING+GRAPH-BASED+CHARACTERIZATION+AND+MACHINE+LEARNING&rft.inventor=CAVAZOS+JOHN&rft.date=2017-03-09&rft.externalDBID=A1&rft.externalDocID=US2017068816A1 |