Computer Science ›› 2021, Vol. 48 ›› Issue (6A): 448-458. doi: 10.11896/jsjkx.201100074
• Information Security •
YANG Ping, SHU Hui, KANG Fei, BU Wen-juan, HUANG Yu-yao
[1] | LI Jia-rui, LING Xiao-bo, LI Chen-xi, LI Zi-mu, YANG Jia-hai, ZHANG Lei, WU Cheng-nan. Dynamic Network Security Analysis Based on Bayesian Attack Graphs [J]. Computer Science, 2022, 49(3): 62-69. |
[2] | LIU Kai-xiang, XIE Yong-fang, CHEN Xin, LYU Fei, LIU Jun-jiao. Industrial Serial Protocol State Detection Algorithm Based on DTMC [J]. Computer Science, 2022, 49(3): 301-307. |
[3] | LI Yi-meng, LI Cheng-hai, SONG Ya-fei, WANG Jian. Method of Malware Family Classification Based on Attention-DenseNet-BC Model Mechanism [J]. Computer Science, 2021, 48(10): 308-314. |
[4] | WANG Jin-heng, SHAN Zhi-long, TAN Han-song, WANG Yu-lin. Network Security Situation Assessment Based on Genetic Optimized PNN Neural Network [J]. Computer Science, 2021, 48(6): 338-342. |
[5] | YANG Lin, WANG Yong-jie. Application and Simulation of Ant Colony Algorithm in Continuous Path Prediction of Dynamic Network [J]. Computer Science, 2021, 48(6A): 485-490. |
[6] | ZHOU Tian-yang, ZENG Zi-yi, ZANG Yi-chao, WANG Qing-xian. Team Cooperative Attack Planning Based on Multi-agent Joint Decision [J]. Computer Science, 2021, 48(5): 301-307. |
[7] | CAO Kang-hua, DONG Wei-wei, WANG Jin-liang, ZHOU Lin, WANG Yong. Attack Detection Method for Electricity Information Collection System Based on Virtual Honeynet [J]. Computer Science, 2019, 46(11A): 455-459. |
[8] | GAO Sha-sha, WANG Zhong-hua. Dynamical Management Technology of Multi-Level Security Domain for Embedded Operating System Based on MILS [J]. Computer Science, 2019, 46(11A): 460-463. |
[9] | LU Xian-guang, DU Xue-hui, WANG Wen-juan. Alert Correlation Algorithm Based on Improved FP Growth [J]. Computer Science, 2019, 46(8): 64-70. |
[10] | CAO Wei-dong, XU Zhi-xiang, WANG Jing. Intrusion Detection Based on Semi-supervised Learning with Deep Generative Models [J]. Computer Science, 2019, 46(3): 197-201. |
[11] | CHEN Wei-peng, AO Zhi-gang, GUO Jie, YU Qin, TONG Jun. Research on Cyberspace Situation Awareness Security Assessment Based on Improved BP Neural Network [J]. Computer Science, 2018, 45(11A): 335-337. |
[12] | YIN Zhong-xu, ZHANG Lian-cheng. SQL Injection Intrusion Avoidance Scheme Based on Automatic Insertion of Dataflow-relevant Filters [J]. Computer Science, 2019, 46(1): 201-205. |
[13] | LU Qiang, YOU Rong-yi, YE Xiao-hong. Network Nearest Neighbor Intrusion Detection Algorithm Based on Adaptive Convolution Filtering [J]. Computer Science, 2018, 45(7): 154-157. |
[14] | LI Yi-hong, LIU Fang-zheng, DU Zhen-yu. Malware Detection Algorithm for Improving Active Learning [J]. Computer Science, 2019, 46(5): 92-99. |
[15] | PEI Lan-zhen, ZHAO Ying-jun, WANG Zhe, LUO Yun-qian. Comparison of DGA Domain Detection Models Using Deep Learning [J]. Computer Science, 2019, 46(5): 111-115. |