Affiliation:
1. Louisiana Tech University, USA
2. University of Alabama, USA
Abstract
This paper describes a research effort to use executable slicing as a pre-processing aid to improve the prediction performance of rogue software detection. The prediction technique used here is cosine similarity, an information retrieval classifier that, combined with the feature extraction technique of randomized projection, can detect previously unknown rogue software, known rogue software, or variants of known rogue software. The paper provides direction in answering the question of whether it is possible to use only portions, or subsets, of an application, known as slices, to predict whether the software's contents are rogue. The research extracts sections, or slices, from potentially rogue applications and uses these slices instead of the entire application to make a prediction. Results show promise when applying randomized projections to cosine similarity for the predictions, with as much as a 4% increase in prediction performance and a five-fold decrease in processing time compared to using the entire application.
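The pipeline the abstract outlines (slice, randomized projection, cosine similarity against known rogue samples) can be sketched as follows. This is an added example, not code from the paper: the byte-bigram features, the ±1 projection, the 64-dimension target, the 0.8 threshold, all function names and the sample byte strings are assumptions made for illustration.

```python
import math
import random
from collections import Counter

NGRAM = 2   # assumption: byte bigrams as raw features
DIM = 64    # assumption: size of the projected feature space

def ngram_counts(data: bytes, n: int = NGRAM) -> Counter:
    """Count overlapping byte n-grams in a slice."""
    return Counter(data[i:i + n] for i in range(len(data) - n + 1))

def project(counts: Counter, dim: int = DIM, seed: int = 7) -> list:
    """Randomized projection with +/-1 entries; the matrix row for each
    n-gram is regenerated from (seed, n-gram), so it is never stored."""
    vec = [0.0] * dim
    for gram, count in counts.items():
        rng = random.Random(seed * 2 ** 32 + int.from_bytes(gram, "big"))
        for j in range(dim):
            vec[j] += count if rng.random() < 0.5 else -count
    return vec

def cosine(a: list, b: list) -> float:
    dot = sum(x * y for x, y in zip(a, b))
    norm = math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b))
    return dot / norm if norm else 0.0   # empty slice: no similarity

def score(slice_bytes: bytes, known_rogue: list) -> float:
    """Highest cosine similarity between a slice and any known rogue slice."""
    probe = project(ngram_counts(slice_bytes))
    return max((cosine(probe, ref) for ref in known_rogue), default=0.0)

def is_rogue(slice_bytes: bytes, known_rogue: list, threshold: float = 0.8) -> bool:
    return score(slice_bytes, known_rogue) >= threshold

# Constructed sample data (not real binaries).
ROGUE_SLICE = bytes(range(256)) * 4
VARIANT_SLICE = bytearray(ROGUE_SLICE)
for pos in range(10, 250, 30):        # patch 8 bytes to mimic a variant
    VARIANT_SLICE[pos] ^= 0x80
VARIANT_SLICE = bytes(VARIANT_SLICE)
BENIGN_SLICE = bytes((i * 7) % 256 for i in range(1024))
KNOWN = [project(ngram_counts(ROGUE_SLICE))]

if __name__ == "__main__":
    for name, s in [("variant", VARIANT_SLICE), ("benign", BENIGN_SLICE)]:
        print(name, round(score(s, KNOWN), 3), is_rogue(s, KNOWN))
```

Each slice is reduced from a 65,536-dimension bigram space to 64 values before comparison, which is where a processing-time saving of the kind the abstract reports would come from.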