Inoculation Against Malware Infection Using Kernel-level Software Sensors

The authors present a technique for dynamic malware detection that relies on a set of sensors that monitor the interaction of applications with the underlying operating system. By monitoring the requests that each process makes to kernel-level operating system functions, they build a statistical model that describes both clean and infected systems in terms of the distribution of data collected from each sensor. The model parameters are learned from labeled training data gathered from machines infected with canonical samples of malware.

Provided by: Association for Computing Machinery
Topic: Security
Date Added: Jun 2011
Format: PDF
