Research Trends in Malware Detection Using Deep Learning

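  • 최선오 (Intelligent Security Research Group, Information Security Research Division, Electronics and Telecommunications Research Institute) ;
  • 김영수 (Intelligent Security Research Group, Information Security Research Division, Electronics and Telecommunications Research Institute) ;
  • 김종현 (Intelligent Security Research Group, Information Security Research Division, Electronics and Telecommunications Research Institute) ;
  • 김익균 (Intelligent Security Research Group, Information Security Research Division, Electronics and Telecommunications Research Institute)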
  • Published : 2017.06.30

Abstract

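The development of the Internet has brought humanity many benefits, but it has also brought new problems such as malware. Signature-based antivirus programs are widely used to block such malware, but they are limited in their ability to stop malware variants and zero-day malware. To address this problem, this paper introduces research trends in detecting and classifying malware using deep learning.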
