2019 Internet Information Society Spring Academic Conference
Current Result Document :
ÇѱÛÁ¦¸ñ(Korean Title) |
N-gram based Feature EngineeringÀ» ÅëÇÑ ¾Ç¼ºÄÚµå °ø°ÝÀÚ ½Äº° ¸ðµ¨ |
¿µ¹®Á¦¸ñ(English Title) |
Malware attacker Identification Model through N-gram based Feature Engineering |
Author |
Young-Jeon Lee (이영전)
Myung-Mook Han (한명묵)
|
Citation |
VOL 20 NO. 01 PP. 0207 ~ 0208 (2019. 04) |
Çѱ۳»¿ë (Korean Abstract) |
Binary Code Authorship Attribution¶õ ÁÖ¾îÁø Binary CodeÀÇ ÀÛ¼ºÀÚ¸¦ ½Äº°ÇÏ´Â ÇÁ·Î¼¼½º¸¦ ÀǹÌÇÑ´Ù. ½ÅÁ¾ ¾Ç¼ºÄÚµå ¹× ¾ÏÈ£ÈµÈ ¾Ç¼ºÄÚµåÀÇ ¹ßÀü°ú ÇÔ²² ¾Ç¼ºÄÚµå ÀÛ¼ºÀÚ´Â »õ·Î¿î ¾Ç¼ºÄڵ带 ´õ¿í ¸¹ÀÌ »ý»êÇس»°í ÀÖ´Ù. ÀÌ¿¡ »çÀ̹ö º¸¾È ¿µ¿ª¿¡¼´Â ±âÁ¸ ¿ª°øÇÐÀû(Reverse Engineering)ÀÎ ¹æ¹ý¿¡ ±â°èÇнÀ(Machine Learning)À» Á¢¸ñÇÑ Áö´ÉÈµÈ ÇØ°áÃ¥À» ¸¶·ÃÇÏ°í ÀÖ´Ù. º» ³í¹®¿¡¼´Â N-gram±â¹ýÀ» È°¿ëÇÏ¿© Binary Code·ÎºÎÅÍ Æ¯Â¡À» ÃßÃâÇÏ´Â N-gram based Feature Engineering±â¹ýÀ» È°¿ëÇÑ °ø°ÝÀÚ ½Äº° ¸ðµ¨À» Á¦¾ÈÇÑ´Ù. ±âÁ¸ SoftwareÀÇ À¯»çµµ (Similarity)¿Í ¾Ç¼ºÄÚµåÀÇ °ø°ÝÀÚ ½Äº°(Identification)¿¡ »ç¿ëµÇ¾ú´ø N-gram±â¹ýÀ» È°¿ëÇÏ¿© º¸´Ù Çâ»óµÈ ¼º´ÉÀÇ ¾Ç¼ºÄÚµå °ø°ÝÀÚ ½Äº° ¸ðµ¨À» Á¦¾ÈÇÑ´Ù. ¿¬±¸¿¡ ¾Õ¼ ¾Ç¼ºÄÚµå °ø°ÝÀÚ ½Äº°ÀÇ ¹üÁÖ¸¦ Authorship Identification·Î Á¦ÇÑÇϸç Microsoft Malware Classification Challenge(BIG 2015) Data setÀÇ LabelµÈ ¾Ç¼ºÄÚµå Family¸¦ ½Äº°ÇÒ °ÍÀÌ´Ù. Feature Engineering¹æ¹ýÀ¸·Î N-gram±â¹ýÀ» È°¿ëÇÏ¿© ¾Ç¼ºÄÚµåÀÇ Æ¯Â¡À» ÃßÃâÇϸç ÃßÃâµÈ FeatureµéÀ» Xgboost(Gradient Boosting)¸ðµ¨·Î ÇнÀ½ÃÄÑ Accuracy¸¦ ³ôÀÏ °ÍÀÌ´Ù. º» ¿¬±¸¸¦ ½ÃÀÛÀ¸·Î ¾Ç¼ºÄÚµå °ø°ÝÀÚÀÇ Æ¯Â¡ ÃßÃâ°ú °ø°ÝÀÚ ½Äº°ÀÇ ¿¬±¸°¡ È°¹ßÇØÁú °ÍÀ¸·Î ±â´ëµÈ´Ù.
|
English Abstract |
|
Keyword |
|