Publication Details
Automated Malware Detection Based on Novel Network Behavioral Signatures
BARABAS, M.; HOMOLIAK, I.; DROZD, M.; HANÁČEK, P. Automated Malware Detection Based on Novel Network Behavioral Signatures. International Journal of Engineering and Technology, 2013, vol. 5, no. 2, p. 249-253. ISSN: 1793-8236.
Czech title
Automatická detekce malwaru pomocí síťových behaviorálních signatur
Type
journal article
Language
English
Authors
Barabas Maroš, Ing., Ph.D.
Homoliak Ivan, Ing., Ph.D. (DITS)
Drozd Michal, Ing.
Hanáček Petr, doc. Dr. Ing. (DITS)
Homoliak Ivan, Ing., Ph.D. (DITS)
Drozd Michal, Ing.
Hanáček Petr, doc. Dr. Ing. (DITS)
Keywords
artificial intelligence, behavioral signatures, metrics, network security, security, security design.
Abstract
In this paper we propose the updated novel intrusion detection framework which has higher successful rate in detection of specific zero-day malware. Further we present updated state-of-the-art set of network metrics for description of attack vector.
Annotation
In this paper we present the basic principles of the efficient malware detection framework which has higher successful rate in detection of specific zero-day malware that is difficult with common IDPS techniques. We propose a new generation of detection framework based on network behavioral signatures using zero-day exploits, instead of the signaturebased or anomaly-based detection solutions currently available for IDPS technology. Our research aims mainly on detection of attacks that abuse vulnerabilities of buffer overflow type, but the final goal is to extend detection techniques to cover various types of vulnerabilities. This article describes the concept of detection framework, provides a design of model architecture and shows an experimental results with draft of framework on the set of laboratory simulated attacks.
Published
2013
Pages
249–253
Journal
International Journal of Engineering and Technology, vol. 5, no. 2, ISSN 1793-8236
Book
International Journal of Engineering and Technology
Place
Singapore
BibTeX
@article{BUT103419,
author="Maroš {Barabas} and Ivan {Homoliak} and Michal {Drozd} and Petr {Hanáček}",
title="Automated Malware Detection Based on Novel Network Behavioral Signatures",
journal="International Journal of Engineering and Technology",
year="2013",
volume="5",
number="2",
pages="249--253",
issn="1793-8236",
url="https://www.fit.vut.cz/research/publication/10047/"
}