There are a lot of malicious codes on the internet and many research studies methods for detection of them. Generally, detection methods of malicious codes compare source codes through definition and analysis pattern of malicious codes. In this paper, proposed method is a malicious code detection using relations and concepts between codes pattern based on semantics. Also, this method is detection of malicious script code through token conceptualization for extraction of relations and concepts in source codes because conceptual graph and regularization pattern matching between malicious behaviors in codes. In experiment, we test a malicious behavior distinction based on SVM(Support Vector Machine) training and the result is indicated adequate rate of malicious code detection.
Description
Detection of unknown malicious script code using a conceptual graph and SVM
%0 Conference Paper
%1 kim2012detection
%A Kim, Hayoung
%A Choi, Junho
%A Choi, Dongjin
%A Choi, Hansuk
%A Kim, Pankoo
%B Proceedings of the 2012 ACM Research in Applied Computation Symposium
%C New York, NY, USA
%D 2012
%E Cho, Yookun
%E Gantenbein, Rex E.
%E Kuo, Tei-Wei
%E Tarokh, Vahid
%I ACM
%K based code concept conceptual detection graph malcode malicious svm
%P 310--315
%R 10.1145/2401603.2401671
%T Detection of Unknown Malicious Script Code Using a Conceptual Graph and SVM
%U http://doi.acm.org/10.1145/2401603.2401671
%X There are a lot of malicious codes on the internet and many research studies methods for detection of them. Generally, detection methods of malicious codes compare source codes through definition and analysis pattern of malicious codes. In this paper, proposed method is a malicious code detection using relations and concepts between codes pattern based on semantics. Also, this method is detection of malicious script code through token conceptualization for extraction of relations and concepts in source codes because conceptual graph and regularization pattern matching between malicious behaviors in codes. In experiment, we test a malicious behavior distinction based on SVM(Support Vector Machine) training and the result is indicated adequate rate of malicious code detection.
%@ 978-1-4503-1492-3
@inproceedings{kim2012detection,
abstract = {There are a lot of malicious codes on the internet and many research studies methods for detection of them. Generally, detection methods of malicious codes compare source codes through definition and analysis pattern of malicious codes. In this paper, proposed method is a malicious code detection using relations and concepts between codes pattern based on semantics. Also, this method is detection of malicious script code through token conceptualization for extraction of relations and concepts in source codes because conceptual graph and regularization pattern matching between malicious behaviors in codes. In experiment, we test a malicious behavior distinction based on SVM(Support Vector Machine) training and the result is indicated adequate rate of malicious code detection.},
acmid = {2401671},
added-at = {2015-05-20T14:25:00.000+0200},
address = {New York, NY, USA},
author = {Kim, Hayoung and Choi, Junho and Choi, Dongjin and Choi, Hansuk and Kim, Pankoo},
biburl = {https://www.bibsonomy.org/bibtex/29cc1c4d8d094d209faba720a1f80debb/jil},
booktitle = {Proceedings of the 2012 ACM Research in Applied Computation Symposium},
description = {Detection of unknown malicious script code using a conceptual graph and SVM},
doi = {10.1145/2401603.2401671},
editor = {Cho, Yookun and Gantenbein, Rex E. and Kuo, Tei-Wei and Tarokh, Vahid},
interhash = {3fb34a33c5d1f83b0433dc342495ef49},
intrahash = {9cc1c4d8d094d209faba720a1f80debb},
isbn = {978-1-4503-1492-3},
keywords = {based code concept conceptual detection graph malcode malicious svm},
location = {San Antonio, Texas},
numpages = {6},
pages = {310--315},
publisher = {ACM},
series = {RACS '12},
timestamp = {2015-05-20T14:25:00.000+0200},
title = {Detection of Unknown Malicious Script Code Using a Conceptual Graph and SVM},
url = {http://doi.acm.org/10.1145/2401603.2401671},
year = 2012
}