Ryuya Uda (宇田 隆哉)
   Affiliation   School of Computer Science, Department of Computer Science
   Position   Associate Professor
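Language: English
Date of publication/presentation: 2023/08
Type: International conference paper
Peer review: Peer-reviewed
Title: Consideration for Creation of Training Samples for Targeted Malware Detection by Machine Learning
Authorship: Co-authored
Publication name: 2023 6th International Conference on Information and Computer Technologies (ICICT)
Publication category: International
Publisher: IEEE
Volume, issue, pages: pp.144-149
Total pages: 7
Role: Lead author
Authors and co-authors: Ryuya Uda and Taeko Kotani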
Abstract: Targeted malware has evolved in recent years, and variants with an encrypted payload have appeared. This evolved targeted malware is difficult to detect by static analysis and dynamic analysis on a virtual or stand-alone machine. The encryption key is generated from information about the target computer. Therefore, the key is known only to the attacker and the victim computer. However, any targeted malware must collect information about the victim computer, and we think this is a feature of targeted malware. First, we introduce our proposed method, which detects targeted malware with an encrypted payload by finding features of the collection behavior with machine learning. As a result, all test samples were classified as benign in our evaluation. We considered that the features of our simulated samples are different from those of actual samples. Therefore, in this paper, we investigate the difference and consider how we can create more precise simulated samples. We created map images of the n-grams matched between our simulated samples and actual malware samples. We found hints toward more precise simulated samples by looking at the distribution of the matched n-grams.