DocumentCode :
3116169
Title :
Data mining methods for detection of new malicious executables
Author :
Schultz, Matthew G. ; Eskin, Eleazar ; Zadok, Erez ; Stolfo, Salvatore J.
Author_Institution :
Dept. of Comput. Sci., Columbia Univ., New York, NY, USA
fYear :
2001
fDate :
2001
Firstpage :
38
Lastpage :
49
Abstract :
A serious security threat today is malicious executables, especially new, unseen malicious executables often arriving as email attachments. These new malicious executables are created at the rate of thousands every year and pose a serious security threat. Current anti-virus systems attempt to detect these new malicious programs with heuristics generated by hand. This approach is costly and oftentimes ineffective. We present a data mining framework that detects new, previously unseen malicious executables accurately and automatically. The data mining framework automatically found patterns in our data set and used these patterns to detect a set of new malicious binaries. Comparing our detection methods with a traditional signature-based method, our method more than doubles the current detection rates for new malicious executables.
Keywords :
data mining; electronic mail; pattern recognition; security of data; anti-virus systems; data mining; data security; data set; email attachments; heuristics; malicious binaries; malicious executable detection; pattern recognition; security threat; signature-based method; Computer science; Computer security; Data mining; Data security; Face detection; Information security; Permission; Protection; Testing; Training data;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Security and Privacy, 2001. S&P 2001. Proceedings. 2001 IEEE Symposium on
Conference_Location :
Oakland, CA
ISSN :
1081-6011
Print_ISBN :
0-7695-1046-9
Type :
conf
DOI :
10.1109/SECPRI.2001.924286
Filename :
924286