Title :
A malicious software evaluation system based on behavior association
Author :
Wu, Yunlong ; Cui, Dong ; Zhang, Qiang
Author_Institution :
Sch. of Comput., Wuhan Univ., Wuhan, China
Abstract :
Malicious software detection based on characteristic matching cannot find unknown malicious software or the origin of the harm. To solve this problem, a method is proposed that detects malicious software according to subject-object association. It uses SSDT HOOK technology to monitor software behaviors and records them in logs. To improve detection accuracy, it proposes a risk assessment algorithm: first it performs subject-object behavior association on the logs, and then it makes a risk assessment for every subject to find the origin of the harm.
Keywords :
Kernel; Monitoring; Optical computing; Photonics; Power engineering and energy; Risk management; Software design; Software safety; Software systems; Statistics; SSDT HOOK; behavior association; malicious software detection; risk assessment;
Conference_Title :
Optics Photonics and Energy Engineering (OPEE), 2010 International Conference on
Conference_Location :
Wuhan, China
Print_ISBN :
978-1-4244-5234-7
Electronic_ISBN :
978-1-4244-5236-1
DOI :
10.1109/OPEE.2010.5508137