    Content-Agnostic Malware Detection in Heterogeneous Malicious Distribution Graph

    Type
    Conference Paper
    Authors
    Alabdulmohsin, Ibrahim
    Han, Yufei
    Shen, Yun
    Zhang, Xiangliang
    KAUST Department
    Computer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division
    Computer Science Program
    Date
    2016-10-26
    Online Publication Date
    2016-10-26
    Print Publication Date
    2016
    Permanent link to this record
    http://hdl.handle.net/10754/622527
    
    Abstract
    Malware detection has been widely studied by analysing either file dropping relationships or characteristics of the file distribution network. This paper, for the first time, studies a global heterogeneous malware delivery graph fusing file dropping relationship and the topology of the file distribution network. The integration offers a unique ability of structuring the end-to-end distribution relationship. However, it brings large heterogeneous graphs to analysis. In our study, an average daily generated graph has more than 4 million edges and 2.7 million nodes that differ in type, such as IPs, URLs, and files. We propose a novel Bayesian label propagation model to unify the multi-source information, including content-agnostic features of different node types and topological information of the heterogeneous network. Our approach does not need to examine the source codes nor inspect the dynamic behaviours of a binary. Instead, it estimates the maliciousness of a given file through a semi-supervised label propagation procedure, which has a linear time complexity w.r.t. the number of nodes and edges. The evaluation on 567 million real-world download events validates that our proposed approach efficiently detects malware with a high accuracy. © 2016 Copyright held by the owner/author(s).
    Citation
    Alabdulmohsin I, Han Y, Shen Y, Zhang X (2016) Content-Agnostic Malware Detection in Heterogeneous Malicious Distribution Graph. Proceedings of the 25th ACM International on Conference on Information and Knowledge Management - CIKM ’16. Available: http://dx.doi.org/10.1145/2983323.2983700.
    Publisher
    Association for Computing Machinery (ACM)
    Journal
    Proceedings of the 25th ACM International on Conference on Information and Knowledge Management - CIKM '16
    Conference/Event name
    25th ACM International Conference on Information and Knowledge Management, CIKM 2016
    DOI
    10.1145/2983323.2983700
    Additional Links
    http://dl.acm.org/citation.cfm?doid=2983323.2983700
    Collections
    Conference Papers; Computer Science Program; Computer, Electrical and Mathematical Science and Engineering (CEMSE) Division
