FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W4317889956> ?p ?o ?g. }

• W4317889956 endingPage "386" @default.
• W4317889956 startingPage "371" @default.
• W4317889956 abstract "The paper focuses on malware classification, based on semantic analysis of disassembled binaries sections’ opcodes with the use of n-grams, TF-IDF indicator and machine learning algorithms. The purpose of the research is to improve and extend the variety of methods for identifying malware developed for UNIX-likeoperating systems. The taskof the research is to create an algorithm, which can identify the types of threats in malicious binary files using n-grams, TF-IDF indicator and machine learning algorithms. Malware classification process can be based either on static or dynamic signatures. Static signatures can be represented as byte-code sequences, binary-assembled instructions, or importedlibraries. Dynamic signatures can be represented as the sequence of actions made by malware. We will use a static signatures strategy for semantic analysis and classification of malware. In this paper,we will work with binary ELF files, which is the mostcommon executable file type for UNIX-likeoperating systems. For the purpose of this research we gathered 2999 malwareELFfiles, using data from VirusShare and VirusTotal sites, and 959 non malware program files from /usr/bin directory in Linux operatingsystem. Each malware file represents one of 3 malware families: Gafgyt, Mirai, and Lightaidra, which are popular and harmful threats to UNIX systems. Each ELF file in dataset was labelled according to its type. The proposed classification algorithm consists of several preparation steps: disassembly of every ELF binary file from the dataset and semantically processing and vectorizing assembly instructions in each file section. For the settingclassification threshold, the Multinomial Naive Bayes model is used. Using the classification threshold, we define the sizefor n-grams and the section of the file, which will give the best classification results. For obtaining the best score, multiple machine learning models, along with hyperparameter optimization, will be used. As a metric of the accuracy of the designed algorithm, mean accuracy and weighted F1 score are used. Stochastic gradient descent for SVM model was selected as the best performing ML model, based on the obtained experimental results.Developed algorithm was experimentally proved to be effective for classifying malware for UNIX operating systems. Results were analyzed and used for making conclusions and suggestions for future work" @default.
• W4317889956 created "2023-01-25" @default.
• W4317889956 creator A5065205712 @default.
• W4317889956 creator A5079380446 @default.
• W4317889956 date "2022-12-28" @default.
• W4317889956 modified "2023-09-30" @default.
• W4317889956 title "Semantic analysis and classifi- cation of malware for UNIX-like operating systems with the use of machine learning methods" @default.
• W4317889956 doi "https://doi.org/10.15276/aait.05.2022.25" @default.
• W4317889956 hasPublicationYear "2022" @default.
• W4317889956 type Work @default.
• W4317889956 citedByCount "0" @default.
• W4317889956 crossrefType "journal-article" @default.
• W4317889956 hasAuthorship W4317889956A5065205712 @default.
• W4317889956 hasAuthorship W4317889956A5079380446 @default.
• W4317889956 hasBestOaLocation W43178899561 @default.
• W4317889956 hasConcept C111919701 @default.
• W4317889956 hasConcept C112968700 @default.
• W4317889956 hasConcept C119857082 @default.
• W4317889956 hasConcept C12267149 @default.
• W4317889956 hasConcept C154945302 @default.
• W4317889956 hasConcept C160145156 @default.
• W4317889956 hasConcept C2777904410 @default.
• W4317889956 hasConcept C2779395397 @default.
• W4317889956 hasConcept C41008148 @default.
• W4317889956 hasConcept C52001869 @default.
• W4317889956 hasConcept C541664917 @default.
• W4317889956 hasConcept C84525096 @default.
• W4317889956 hasConceptScore W4317889956C111919701 @default.
• W4317889956 hasConceptScore W4317889956C112968700 @default.
• W4317889956 hasConceptScore W4317889956C119857082 @default.
• W4317889956 hasConceptScore W4317889956C12267149 @default.
• W4317889956 hasConceptScore W4317889956C154945302 @default.
• W4317889956 hasConceptScore W4317889956C160145156 @default.
• W4317889956 hasConceptScore W4317889956C2777904410 @default.
• W4317889956 hasConceptScore W4317889956C2779395397 @default.
• W4317889956 hasConceptScore W4317889956C41008148 @default.
• W4317889956 hasConceptScore W4317889956C52001869 @default.
• W4317889956 hasConceptScore W4317889956C541664917 @default.
• W4317889956 hasConceptScore W4317889956C84525096 @default.
• W4317889956 hasIssue "4" @default.
• W4317889956 hasLocation W43178899561 @default.
• W4317889956 hasOpenAccess W4317889956 @default.
• W4317889956 hasPrimaryLocation W43178899561 @default.
• W4317889956 hasRelatedWork W1503224444 @default.
• W4317889956 hasRelatedWork W2008324060 @default.
• W4317889956 hasRelatedWork W2053632570 @default.
• W4317889956 hasRelatedWork W2148542813 @default.
• W4317889956 hasRelatedWork W2610659201 @default.
• W4317889956 hasRelatedWork W280584339 @default.
• W4317889956 hasRelatedWork W2966341190 @default.
• W4317889956 hasRelatedWork W3025424853 @default.
• W4317889956 hasRelatedWork W4317889956 @default.
• W4317889956 hasRelatedWork W4382794599 @default.
• W4317889956 hasVolume "5" @default.
• W4317889956 isParatext "false" @default.
• W4317889956 isRetracted "false" @default.
• W4317889956 workType "article" @default.