A malware detection system inspired on the human immune system
| Autor(a) principal: | |
|---|---|
| Data de Publicação: | 2012 |
| Outros Autores: | , |
| Tipo de documento: | Artigo de conferência |
| Idioma: | eng |
| Título da fonte: | Repositório Institucional da UNESP |
| Texto Completo: | http://dx.doi.org/10.1007/978-3-642-31128-4_21 http://hdl.handle.net/11449/73443 |
Resumo: | Malicious programs (malware) can cause severe damage on computer systems and data. The mechanism that the human immune system uses to detect and protect from organisms that threaten the human body is efficient and can be adapted to detect malware attacks. In this paper we propose a system to perform malware distributed collection, analysis and detection, this last inspired by the human immune system. After collecting malware samples from Internet, they are dynamically analyzed so as to provide execution traces at the operating system level and network flows that are used to create a behavioral model and to generate a detection signature. Those signatures serve as input to a malware detector, acting as the antibodies in the antigen detection process. This allows us to understand the malware attack and aids in the infection removal procedures. © 2012 Springer-Verlag. |
| id |
UNSP_b233d21e36cd73396ff399a8f7fc59c8 |
|---|---|
| oai_identifier_str |
oai:repositorio.unesp.br:11449/73443 |
| network_acronym_str |
UNSP |
| network_name_str |
Repositório Institucional da UNESP |
| repository_id_str |
2946 |
| spelling |
A malware detection system inspired on the human immune systemdata mininghuman immune systemmalicious codeAntigen detectionsBehavioral modelExecution traceHuman bodiesHuman immune systemsMalicious codesMalware attacksMalware detectionMalwaresNetwork flowsChemical detectionComputer aided network analysisComputer crimeData miningDetectorsNetwork securityImmunologyMalicious programs (malware) can cause severe damage on computer systems and data. The mechanism that the human immune system uses to detect and protect from organisms that threaten the human body is efficient and can be adapted to detect malware attacks. In this paper we propose a system to perform malware distributed collection, analysis and detection, this last inspired by the human immune system. After collecting malware samples from Internet, they are dynamically analyzed so as to provide execution traces at the operating system level and network flows that are used to create a behavioral model and to generate a detection signature. Those signatures serve as input to a malware detector, acting as the antibodies in the antigen detection process. This allows us to understand the malware attack and aids in the infection removal procedures. © 2012 Springer-Verlag.São Paulo State University (Unesp), São José do Rio Preto, SPRenato Archer IT Research Center (CTI/MCT), Campinas, SPSão Paulo State University (Unesp), São José do Rio Preto, SPUniversidade Estadual Paulista (Unesp)Renato Archer IT Research Center (CTI/MCT)De Oliveira, Isabela Liane [UNESP]Grégio, André Ricardo AbedCansian, Adriano Mauro [UNESP]2014-05-27T11:26:53Z2014-05-27T11:26:53Z2012-07-23info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/conferenceObject286-301http://dx.doi.org/10.1007/978-3-642-31128-4_21Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), v. 7336 LNCS, n. PART 4, p. 286-301, 2012.0302-97431611-3349http://hdl.handle.net/11449/7344310.1007/978-3-642-31128-4_21WOS:0003082897000212-s2.0-8486394077400959219433459740000-0003-4494-1454Scopusreponame:Repositório Institucional da UNESPinstname:Universidade Estadual Paulista (UNESP)instacron:UNESPengLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)0,295info:eu-repo/semantics/openAccess2021-10-23T21:44:33Zoai:repositorio.unesp.br:11449/73443Repositório InstitucionalPUBhttp://repositorio.unesp.br/oai/requestopendoar:29462024-08-05T22:44:43.658893Repositório Institucional da UNESP - Universidade Estadual Paulista (UNESP)false |
| dc.title.none.fl_str_mv |
A malware detection system inspired on the human immune system |
| title |
A malware detection system inspired on the human immune system |
| spellingShingle |
A malware detection system inspired on the human immune system De Oliveira, Isabela Liane [UNESP] data mining human immune system malicious code Antigen detections Behavioral model Execution trace Human bodies Human immune systems Malicious codes Malware attacks Malware detection Malwares Network flows Chemical detection Computer aided network analysis Computer crime Data mining Detectors Network security Immunology |
| title_short |
A malware detection system inspired on the human immune system |
| title_full |
A malware detection system inspired on the human immune system |
| title_fullStr |
A malware detection system inspired on the human immune system |
| title_full_unstemmed |
A malware detection system inspired on the human immune system |
| title_sort |
A malware detection system inspired on the human immune system |
| author |
De Oliveira, Isabela Liane [UNESP] |
| author_facet |
De Oliveira, Isabela Liane [UNESP] Grégio, André Ricardo Abed Cansian, Adriano Mauro [UNESP] |
| author_role |
author |
| author2 |
Grégio, André Ricardo Abed Cansian, Adriano Mauro [UNESP] |
| author2_role |
author author |
| dc.contributor.none.fl_str_mv |
Universidade Estadual Paulista (Unesp) Renato Archer IT Research Center (CTI/MCT) |
| dc.contributor.author.fl_str_mv |
De Oliveira, Isabela Liane [UNESP] Grégio, André Ricardo Abed Cansian, Adriano Mauro [UNESP] |
| dc.subject.por.fl_str_mv |
data mining human immune system malicious code Antigen detections Behavioral model Execution trace Human bodies Human immune systems Malicious codes Malware attacks Malware detection Malwares Network flows Chemical detection Computer aided network analysis Computer crime Data mining Detectors Network security Immunology |
| topic |
data mining human immune system malicious code Antigen detections Behavioral model Execution trace Human bodies Human immune systems Malicious codes Malware attacks Malware detection Malwares Network flows Chemical detection Computer aided network analysis Computer crime Data mining Detectors Network security Immunology |
| description |
Malicious programs (malware) can cause severe damage on computer systems and data. The mechanism that the human immune system uses to detect and protect from organisms that threaten the human body is efficient and can be adapted to detect malware attacks. In this paper we propose a system to perform malware distributed collection, analysis and detection, this last inspired by the human immune system. After collecting malware samples from Internet, they are dynamically analyzed so as to provide execution traces at the operating system level and network flows that are used to create a behavioral model and to generate a detection signature. Those signatures serve as input to a malware detector, acting as the antibodies in the antigen detection process. This allows us to understand the malware attack and aids in the infection removal procedures. © 2012 Springer-Verlag. |
| publishDate |
2012 |
| dc.date.none.fl_str_mv |
2012-07-23 2014-05-27T11:26:53Z 2014-05-27T11:26:53Z |
| dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
| dc.type.driver.fl_str_mv |
info:eu-repo/semantics/conferenceObject |
| format |
conferenceObject |
| status_str |
publishedVersion |
| dc.identifier.uri.fl_str_mv |
http://dx.doi.org/10.1007/978-3-642-31128-4_21 Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), v. 7336 LNCS, n. PART 4, p. 286-301, 2012. 0302-9743 1611-3349 http://hdl.handle.net/11449/73443 10.1007/978-3-642-31128-4_21 WOS:000308289700021 2-s2.0-84863940774 0095921943345974 0000-0003-4494-1454 |
| url |
http://dx.doi.org/10.1007/978-3-642-31128-4_21 http://hdl.handle.net/11449/73443 |
| identifier_str_mv |
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), v. 7336 LNCS, n. PART 4, p. 286-301, 2012. 0302-9743 1611-3349 10.1007/978-3-642-31128-4_21 WOS:000308289700021 2-s2.0-84863940774 0095921943345974 0000-0003-4494-1454 |
| dc.language.iso.fl_str_mv |
eng |
| language |
eng |
| dc.relation.none.fl_str_mv |
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 0,295 |
| dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
| eu_rights_str_mv |
openAccess |
| dc.format.none.fl_str_mv |
286-301 |
| dc.source.none.fl_str_mv |
Scopus reponame:Repositório Institucional da UNESP instname:Universidade Estadual Paulista (UNESP) instacron:UNESP |
| instname_str |
Universidade Estadual Paulista (UNESP) |
| instacron_str |
UNESP |
| institution |
UNESP |
| reponame_str |
Repositório Institucional da UNESP |
| collection |
Repositório Institucional da UNESP |
| repository.name.fl_str_mv |
Repositório Institucional da UNESP - Universidade Estadual Paulista (UNESP) |
| repository.mail.fl_str_mv |
|
| _version_ |
1808129457396908032 |