  • DocumentCode
    522781
  • Title
    A malicious software evaluation system based on behavior association
  • Author
    Wu, Yunlong ; Cui, Dong ; Zhang, Qiang
  • Author_Institution
    Sch. of Comput., Wuhan Univ., Wuhan, China
  • Volume
    1
  • fYear
    2010
  • fDate
    10-11 May 2010
  • Firstpage
    258
  • Lastpage
    260
  • Abstract
    Malicious software detection based on characteristic matching cannot find unknown malicious software or the origin of harm. To solve this problem, a method is proposed to detect malicious software according to subject-object association. It uses SSDT HOOK technology to monitor software behaviors and records them in logs. To improve detection accuracy, a risk assessment algorithm is proposed: it first performs subject-object behavior association on the logs, and then performs a risk assessment for every subject to find the origin of harm.
  • Keywords
    Kernel; Monitoring; Optical computing; Photonics; Power engineering and energy; Risk management; Software design; Software safety; Software systems; Statistics; SSDT HOOK; behavior association; malicious software detection; risk assessment;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Optics Photonics and Energy Engineering (OPEE), 2010 International Conference on
  • Conference_Location
    Wuhan, China
  • Print_ISBN
    978-1-4244-5234-7
  • Electronic_ISBN
    978-1-4244-5236-1
  • Type
    conf
  • DOI
    10.1109/OPEE.2010.5508137
  • Filename
    5508137