Publication Details
Automated Malware Detection Based on Novel Network Behavioral Signatures
BARABAS Maroš, HOMOLIAK Ivan, DROZD Michal and HANÁČEK Petr. Automated Malware Detection Based on Novel Network Behavioral Signatures. International Journal of Engineering and Technology, vol. 5, no. 2, 2013, pp. 249-253. ISSN 1793-8236.
Czech title
Automatická detekce malwaru pomocí síťových behaviorálních signatur
Type
journal article
Language
English
Authors
Barabas Maroš, Ing., Ph.D. (DITS FIT BUT)
Homoliak Ivan, doc. Ing., Ph.D. (DITS FIT BUT)
Drozd Michal, Ing. (DITS FIT BUT)
Hanáček Petr, doc. Dr. Ing. (DITS FIT BUT)
Keywords
artificial intelligence, behavioral signatures, metrics, network security, security, security design.
Abstract
In this paper we propose an updated novel intrusion detection framework which has a higher success rate in detecting specific zero-day malware. Further, we present an updated state-of-the-art set of network metrics for describing the attack vector.
Annotation
In this paper we present the basic principles of an efficient malware detection framework which has a higher success rate in detecting specific zero-day malware that is difficult to detect with common IDPS techniques. We propose a new generation of detection framework based on network behavioral signatures using zero-day exploits, instead of the signature-based or anomaly-based detection solutions currently available for IDPS technology. Our research aims mainly at detection of attacks that abuse vulnerabilities of the buffer overflow type, but the final goal is to extend the detection techniques to cover various types of vulnerabilities. This article describes the concept of the detection framework, provides a design of the model architecture, and shows experimental results with a draft of the framework on a set of laboratory-simulated attacks.
Published
2013
Pages
249-253
Journal
International Journal of Engineering and Technology, vol. 5, no. 2, ISSN 1793-8236
Book
International Journal of Engineering and Technology
Publisher
International Association of Computer Science and Information Technology
Place
Singapore, SG
BibTeX
@ARTICLE{FITPUB10047,
   author = "Maro\v{s} Barabas and Ivan Homoliak and Michal Drozd and Petr Han\'{a}\v{c}ek",
   title = "Automated Malware Detection Based on Novel Network Behavioral Signatures",
   pages = "249--253",
   booktitle = "International Journal of Engineering and Technology",
   journal = "International Journal of Engineering and Technology",
   volume = 5,
   number = 2,
   year = 2013,
   location = "Singapore, SG",
   ISSN = "1793-8236",
   language = "english",
   url = "https://www.fit.vut.cz/research/publication/10047"
}