Performance Improvements in Behavior Based Malware Detection Solutions - ICT Systems Security and Privacy Protection
Conference Papers, Year: 2018

Performance Improvements in Behavior Based Malware Detection Solutions

Abstract

The constant evolution of malware, both in number and complexity, represents a severe threat to individual users and organizations. This increases the need for more advanced security solutions, such as dynamic behavior-based malware detection, that monitor and analyze actions performed on a system in real time. However, this approach comes with an obvious drawback: performance overhead. To address this issue, we propose two solutions that can be used separately or combined. The first approach takes advantage of advances in hardware and uses asynchronous processing, thus reducing the impact on the monitored applications. The second approach relies on a dynamic reputation system, based on which different monitoring levels for applications can be defined. Monitoring processes differentially according to their dynamic reputation leads to a lower overall performance impact and also a lower false positive rate.
Origin: Files produced by the author(s)

Dates and versions

hal-02023724, version 1 (21-02-2019)

Licence

Attribution

Cite

Gheorghe Hăjmăşan, Alexandra Mondoc, Radu Portase, Octavian Creţ. Performance Improvements in Behavior Based Malware Detection Solutions. 33rd IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), Sep 2018, Poznan, Poland. pp. 370-384, ⟨10.1007/978-3-319-99828-2_26⟩. ⟨hal-02023724⟩