Stopel et al., 2009 - Google Patents
Using artificial neural networks to detect unknown computer worms
Stopel et al., 2009
- Document ID
- 7235482334587194224
- Author
- Stopel D
- Moskovitch R
- Boger Z
- Shahar Y
- Elovici Y
- Publication year
- Publication venue
- Neural Computing and Applications
Snippet
Detecting computer worms is a highly challenging task. We present a new approach that uses artificial neural networks (ANN) to detect the presence of computer worms based on measurements of computer behavior. We compare ANN to three other classification …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N99/00—Subject matter not provided for in other groups of this subclass
- G06N99/005—Learning machines, i.e. computer in which a programme is changed according to experience gained by the machine itself during a complete run
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N5/00—Computer systems utilising knowledge based models
- G06N5/02—Knowledge representation
- G06N5/022—Knowledge engineering, knowledge acquisition
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computer systems based on biological models
- G06N3/02—Computer systems based on biological models using neural network models
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2201/00—Indexing scheme relating to error detection, to error correction, and to monitoring
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
Similar Documents
Publication | Title | Publication Date |
---|---|---|
Abdallah et al. | Intrusion detection systems using supervised machine learning techniques: a survey | |
Moskovitch et al. | Detection of unknown computer worms based on behavioral classification of the host | |
Nissim et al. | Detecting unknown computer worm activity via support vector machines and active learning | |
Shrivastava et al. | Attack detection and forensics using honeypot in IoT environment | |
Li et al. | DMalNet: Dynamic malware analysis based on API feature engineering and graph learning | |
EP1814055B1 (en) | Improved method and system for detecting malicious behavioral patterns in a computer, using machine learning | |
Subba et al. | A tfidfvectorizer and singular value decomposition based host intrusion detection system framework for detecting anomalous system processes | |
Tajoddin et al. | RAMD: registry-based anomaly malware detection using one-class ensemble classifiers | |
Abirami et al. | Building an ensemble learning based algorithm for improving intrusion detection system | |
Jang et al. | Mal‐Netminer: Malware Classification Approach Based on Social Network Analysis of System Call Graph | |
Gulmez et al. | XRan: Explainable deep learning-based ransomware detection using dynamic analysis | |
Finder et al. | Time-interval temporal patterns can beat and explain the malware | |
Stopel et al. | Application of artificial neural networks techniques to computer worm detection | |
Zouhri et al. | Evaluating the impact of filter-based feature selection in intrusion detection systems | |
EP1879124A1 (en) | Improved method and system for detecting malicious behavioral patterns in a computer, using machine learning | |
Stopel et al. | Using artificial neural networks to detect unknown computer worms | |
Surakhi et al. | A comprehensive survey for machine learning and deep learning applications for detecting intrusion detection | |
Baychev et al. | Spearphishing malware: Do we really know the unknown? | |
Chaudhari et al. | A novel hybrid framework for cloud intrusion detection system using system call sequence analysis | |
Moskovitch et al. | Host based intrusion detection using machine learning | |
Shenderovitz et al. | Bon-APT: Detection, attribution, and explainability of APT malware using temporal segmentation of API calls | |
Stopel et al. | Improving worm detection with artificial neural networks through feature selection and temporal analysis techniques | |
Moskovitch et al. | Detection of unknown computer worms activity based on computer behavior using data mining | |
Rozenberg et al. | A method for detecting unknown malicious executables | |
Song et al. | A study of the relationship of malware detection mechanisms using Artificial Intelligence |