Journal «Современная Наука»

A METHOD OF ANALYZING PROGRAMS FOR THE PRESENCE OF MALICIOUS CODE USING MACHINE LEARNING METHODS AND YARA RULES

Ponomarev Nikolay Aleksandrovich (St. Petersburg State University of Telecommunications named after Professor M. A. Bonch-Bruevich, Russia)

Tarov Evgeny Viktorovich (St. Petersburg State University of Telecommunications named after Professor M. A. Bonch-Bruevich, Russia)

This article discusses a new method of analyzing programs for the presence of malicious code using machine learning algorithms and the YARA tool. To do this, it is proposed to form YARA rules based on hex pairs of the code of the programs under consideration and to train the model on these data. The article also discusses two important parameters that need to be set to form the YARA rule: the number of hex pairs taken and the number of logical constructions in the rule. This method can be used to effectively detect malware and may be useful for information security professionals.

Keywords: information security, YARA, malware, machine learning, Bayesian algorithm.

 

Citation link:
Ponomarev N. A., Tarov E. V. A METHOD OF ANALYZING PROGRAMS FOR THE PRESENCE OF MALICIOUS CODE USING MACHINE LEARNING METHODS AND YARA RULES // Современная наука: актуальные проблемы теории и практики. Серия: Естественные и Технические Науки. 2023. No. 05. P. 93-96. DOI: 10.37882/2223-2966.2023.05.26
LEGAL INFORMATION:
Reproduction of materials is permitted only for non-commercial purposes with reference to the original publication. Protected by the laws of the Russian Federation. Any violations of the law are prosecuted.
© ООО "Научные технологии"