• Àüü
  • ÀüÀÚ/Àü±â
  • Åë½Å
  • ÄÄÇ»ÅÍ
´Ý±â

»çÀÌÆ®¸Ê

Loading..

Please wait....

±¹³» ³í¹®Áö

Ȩ Ȩ > ¿¬±¸¹®Çå > ±¹³» ³í¹®Áö > Çѱ¹Á¤º¸°úÇÐȸ ³í¹®Áö > Á¤º¸°úÇÐȸ³í¹®Áö (Journal of KIISE)

Á¤º¸°úÇÐȸ³í¹®Áö (Journal of KIISE)

Current Result Document : 92 / 589 ÀÌÀü°Ç ÀÌÀü°Ç   ´ÙÀ½°Ç ´ÙÀ½°Ç

ÇѱÛÁ¦¸ñ(Korean Title) V-±×·¥: ¸í·É¾î ±âº» ºí·Ï°ú µö·¯´× ±â¹ÝÀÇ ¾Ç¼ºÄÚµå ŽÁö
¿µ¹®Á¦¸ñ(English Title) V-gram: Malware Detection Using Opcode Basic Blocks and Deep Learning
ÀúÀÚ(Author) Á¤¼º¹Î   ±èÇö¼®   ±è¿µÀç   À±¸í±Ù   Seongmin Jeong   Hyeonseok Kim   Youngjae Kim   Myungkeun Yoon  
¿ø¹®¼ö·Ïó(Citation) VOL 46 NO. 07 PP. 0599 ~ 0605 (2019. 07)
Çѱ۳»¿ë
(Korean Abstract)
¾Ç¼ºÄڵ尡 ±ÞÁõÇÏ¿© ±â°è ÇнÀ ±â¹ÝÀÇ ÀÚµ¿ ŽÁö ¿¬±¸°¡ Áß¿äÇØÁö°í ÀÖ´Ù. ¾Ç¼ºÄÚµå ½ÇÇàÆÄÀϷκÎÅÍ ÃßÃâµÇ´Â opcode ½ÃÄö½º´Â ¾Ç¼ºÄÚµå ŽÁö¿¡ ÁÁÀº Ư¡À̱⠶§¹®¿¡ ¹ÙÀÌÆ® ±â¹ÝÀÇ n-±×·¥ ó¸® ±â¹ýÀ» °ÅÃÄ ±â°è ÇнÀÀÇ ÀÔ·Â µ¥ÀÌÅͷμ­ Æø³Ð°Ô »ç¿ëµÇ°í ÀÖ´Ù. º» ³í¹®¿¡¼­´Â ó¸® ¼Óµµ¿Í ÀúÀå °ø°£ Ãø¸é¿¡¼­ ±âÁ¸ n-±×·¥ ¹æ½ÄÀ» Å©°Ô Çâ»ó½ÃÅ°´Â ±âº» ºí·Ï ´ÜÀ§ÀÇ µö·¯´× ÀÔ·Â µ¥ÀÌÅÍ °¡°ø ±â¹ýÀÎ V-±×·¥À» »õ·Ó°Ô Á¦¾ÈÇÑ´Ù. V-±×·¥Àº opcode ½ÃÄö½º·ÎºÎÅÍ ÀÇ¹Ì ¾ø´Â ÀÔ·Â µ¥ÀÌÅÍÀÇ ºÒÇÊ¿äÇÑ »ý¼ºÀ» ¸·À» ¼ö ÀÖ´Ù. º» ³í¹®¿¡¼­´Â 64,000°³ ÀÌ»óÀÇ ½ÇÁ¦ Á¤»ó ¹× ¾Ç¼ºÄÚµå ÆÄÀÏÀ» ¼öÁýÇÏ¿© ÁøÇàÇÑ ½ÇÇèÀ» ÅëÇؼ­, V-±×·¥ÀÌ Ã³¸® ¼Óµµ¿Í ÀúÀå °ø°£, ±×¸®°í ŽÁö Á¤È®µµ Ãø¸é¿¡¼­ ¸ðµÎ ±âÁ¸ÀÇ n-±×·¥ ±â¹ýº¸´Ù ¿ì¼öÇÏ´Ù´Â °ÍÀ» °ËÁõÇÏ¿´´Ù.
¿µ¹®³»¿ë
(English Abstract)
With the rapid increase in number of malwares, automatic detection based on machine learning becomes more important. Since the opcode sequence extracted from a malicious executable file is useful feature for malware detection, it is widely used as input data for machine learning through byte-based n-gram processing techniques. This study proposed a V-gram, a new data preprocessing technique for deep learning, which improves existing n-gram methods in terms of processing speed and storage space. V-gram can prevent unnecessary generation of meaningless input data from opcode sequences. It was verified that the V-gram is superior to the conventional n-gram method in terms of processing speed, storage space, and detection accuracy, through experiments conducted by collecting more than 64,000 normal and malicious code files. Keywords: malware detection, static analysis, disassemble, n-gram, feature hashing
Å°¿öµå(Keyword) ¾Ç¼ºÄÚµå ŽÁö   Á¤Àû ºÐ¼®   µð½º¾î¼Àºí   n-±×·¥   ÇÇÃÄ Çؽ̠ 
ÆÄÀÏ÷ºÎ PDF ´Ù¿î·Îµå