Quarterly journal published in SPbPU
and edited by Prof. Dmitry Zegzhda
Peter the Great St. Petersburg Polytechnic University
Institute of Computer Sciences and Technologies
Information Security of Computer Systems
Information Security Problems. Computer Systems
Published since 1999.
ISSN 2071-8217
INTELLIGENT MECHANISMS FOR EXTRACTING FEATURES OF FILE MODIFICATION IN DYNAMIC VIRUS ANALYSIS
S. G. Fomicheva, O. D. Gayduk
St. Petersburg University of Aerospace Instrumentations
Annotation: The paper proposes machine-learning pipelines that automatically generate relevant feature spaces for virus detectors, detect the presence of viral modifications in JS files and scripts in real time, and interpret and visualize the automatically obtained machine solution. It is shown that the best quality metrics are demonstrated by abstract syntax tree models using binary classifiers based on ensembles of decision trees. An explanation of the solution automatically generated by the virus detector is demonstrated.
Keywords: virus analysis, machine-learning models, features of viral modification, decision tree ensembles, machine solution interpretation
Pages 153–167