FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W2625570400> ?p ?o ?g. }

• W2625570400 abstract "Protecting computer systems is a critical and ongoing problem, given that real-time malware detection is hard. The state-of-the-art for defense cannot keep pace with the increasing level of sophistication of malware. The industry, for instance, relies heavily on anti-virus technology for threat, which is effective for malware with known signatures, but not sustainable given the massive amount of malware samples released daily, as well as and its inefficacy in dealing with zero-day and polymorphic/metamorphic malware (practical detection rates range from 25% to 50%). Behavior-based approaches attempt to identify malware behaviors using instruction sequences, computation trace logic, and system (or API) call sequences. These solutions have been mostly based on conventional machine learning (ML) models with hand-craft features, such as K-nearest neighbor, SVM, and decision tree algorithms. However, current solutions based on ML suffer from high false-positive rates, mainly because of (i) the complexity and diversity of current software and malware, which are hard to capture during the learning phase of thealgorithms, (ii) sub-optimal feature extraction, and (iii) limited/outdated dataset. Since malware has been continuously evolving, existing protection mechanisms do not cope well with the increasedsophistication and complexity of these attacks, especially those performed by advanced persistent threats (APT), which are multi-module, stealthy, and target- focused. Furthermore, malware campaigns are not homogeneous--malware sophistication varies depending on the target, the type of service exploited as part of the attack (e.g., Internet Banking, relationship sites), the attack spreading source (e.g., phishing, drive-by downloads), and the location of the target. The accuracy of malware classification depends on gaining sufficient context information and extracting meaningful abstraction of behaviors. In problems about detecting malicious behavior based on sequence of system calls, longer sequences likely contain more information. However, classical ML- based detectors (i.e., Random Forest, Naive Bayes) often use short windows of system calls during the decision process and may not be able to extract enough features for accurate detection in a long term window. Thus, the main drawback of such approaches is to accomplish accurate detection, since it is difficult to analyze complex and longer sequences of malicious behaviors with limited window sizes, especially when malicious and benign behaviors are interposed. In contrast, Deep Learning models are capable of analyzing longer sequences of system calls and making better decisions through higher level information extraction and semantic knowledge learning. However, Deep Learning requires more computation time to estimate the probability of detection when the model needs to be retrained incrementally, a common requirement for malware detection when new variants and samples are frequently added to the training set. The trade-off is challenging: fast and not-so-accurate (classical ML methods) versus time-consuming and accurate detection (emerging Deep Learning methods). Our proposal is to leverage the best of the two worlds with Spectrum, a practical multi-stage malware- detection system operating in collaboration with the operating system (OS)." @default.
• W2625570400 created "2017-06-23" @default.
• W2625570400 creator A5010643450 @default.
• W2625570400 date "2017-05-01" @default.
• W2625570400 modified "2023-10-10" @default.
• W2625570400 title "PhD Forum: Deep Learning-Based Real-Time Malware Detection with Multi-Stage Analysis" @default.
• W2625570400 cites W2107409339 @default.
• W2625570400 cites W2126345423 @default.
• W2625570400 cites W2131523719 @default.
• W2625570400 cites W2137365926 @default.
• W2625570400 cites W2158167094 @default.
• W2625570400 cites W2167671111 @default.
• W2625570400 doi "https://doi.org/10.1109/smartcomp.2017.7946997" @default.
• W2625570400 hasPublicationYear "2017" @default.
• W2625570400 type Work @default.
• W2625570400 sameAs 2625570400 @default.
• W2625570400 citedByCount "22" @default.
• W2625570400 countsByYear W26255704002017 @default.
• W2625570400 countsByYear W26255704002018 @default.
• W2625570400 countsByYear W26255704002019 @default.
• W2625570400 countsByYear W26255704002020 @default.
• W2625570400 countsByYear W26255704002021 @default.
• W2625570400 countsByYear W26255704002022 @default.
• W2625570400 countsByYear W26255704002023 @default.
• W2625570400 crossrefType "proceedings-article" @default.
• W2625570400 hasAuthorship W2625570400A5010643450 @default.
• W2625570400 hasConcept C111919701 @default.
• W2625570400 hasConcept C119857082 @default.
• W2625570400 hasConcept C12267149 @default.
• W2625570400 hasConcept C154945302 @default.
• W2625570400 hasConcept C2779960059 @default.
• W2625570400 hasConcept C38652104 @default.
• W2625570400 hasConcept C41008148 @default.
• W2625570400 hasConcept C541664917 @default.
• W2625570400 hasConceptScore W2625570400C111919701 @default.
• W2625570400 hasConceptScore W2625570400C119857082 @default.
• W2625570400 hasConceptScore W2625570400C12267149 @default.
• W2625570400 hasConceptScore W2625570400C154945302 @default.
• W2625570400 hasConceptScore W2625570400C2779960059 @default.
• W2625570400 hasConceptScore W2625570400C38652104 @default.
• W2625570400 hasConceptScore W2625570400C41008148 @default.
• W2625570400 hasConceptScore W2625570400C541664917 @default.
• W2625570400 hasLocation W26255704001 @default.
• W2625570400 hasOpenAccess W2625570400 @default.
• W2625570400 hasPrimaryLocation W26255704001 @default.
• W2625570400 hasRelatedWork W1827256152 @default.
• W2625570400 hasRelatedWork W1996541855 @default.
• W2625570400 hasRelatedWork W2355927362 @default.
• W2625570400 hasRelatedWork W2961085424 @default.
• W2625570400 hasRelatedWork W2968586400 @default.
• W2625570400 hasRelatedWork W2980605179 @default.
• W2625570400 hasRelatedWork W3195168932 @default.
• W2625570400 hasRelatedWork W4205985752 @default.
• W2625570400 hasRelatedWork W4306674287 @default.
• W2625570400 hasRelatedWork W4313315004 @default.
• W2625570400 isParatext "false" @default.
• W2625570400 isRetracted "false" @default.
• W2625570400 magId "2625570400" @default.
• W2625570400 workType "article" @default.