Behavior based malware detection using probabilistic programming technique확률론적 프로그래밍 기법을 이용한 행위 기반 악성 프로그램 탐지 방법
Malware has evolved steadily in many different types and also shown an exponential increase in the number. In an effort to protect the users against malware, malware detection technologies have been proposed, which are based on ML (machine learning). These technologies are of help in detecting malicious behaviors of malware without human experts’ intervention. However, legacy ML-based malware detection techniques require a pre-training process to model a malware family, which causes the scalability problem. In this work, we propose a new malware detection framework based on Probabilistic Programming. In this framework, the behaviors of malware process are described as a set of simple first-order logic, and security experts can detect malicious behaviors by writing a simple rule. To show the feasibility of the proposed framework, we employ a family of ransomware as a use case. To this end, we collect malware samples and provide a set of Probabilistic Programming rules to describe the detection process of the samples.
- Advisors
- Shin, Seungwonresearcher; 신승원researcher
- Description
- 한국과학기술원 :정보보호대학원,
- Publisher
- 한국과학기술원
- Issue Date
- 2020
- Identifier
- 325007
- Language
- eng
- Description
학위논문(석사) - 한국과학기술원 : 정보보호대학원, 2020.2,[iii, 31 p. :]
- Keywords
Malware Detection▼aDynamic Malware Analysis▼aStatistical Relational Learning▼aProbabilistic Reasoning▼aRansomware Detection; 악성코드 탐지▼a악성코드 동적 분석▼a확률론적 프로그래밍▼a확률 추론▼a랜섬웨어 탐지
- Appears in Collection
- IS-Theses_Master(석사논문)
- Files in This Item
- There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.