Analysis of the capacity of existing anti-virus protection systems and their based methods for detecting new malware in military information systems

Fesokha, V.; Kysylenko, D.; Nesterov, O.

doi:10.58254/viti.3.2023.16.143

Communication, Informatization and Cybersecurity Systems and Technologies

2023

DOI: 10.58254/viti.3.2023.16.143

|View full text |Cite

Analysis of the capacity of existing anti-virus protection systems and their based methods for detecting new malware in military information systems

V. Fesokha,

D. Kysylenko,

O. Nesterov

Abstract: The article solves the task of analyzing the ability of existing anti-virus systems and the methods based on them to detect new malicious software in information systems of critical infrastructure, in particular, the sector of the state defense forces. It is noted that the official data of the developers of antivirus systems often do not confirm the declared level of accuracy of detecting new malicious software in practice. In addition, in most cases, the declared accuracy rate of detecting new malware is high… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...

Citation Types

Supporting

Mentioning

Contrasting

Year Published

2024

Publication Types

Select...

Article1

Relationship

Self Cite0

Independent1

Authors

Journals

Cited by 1 publication

References 8 publications

(1 reference statement)

Supporting

Mentioning

Contrasting

Order By: Relevance

A model for determining the invariant component in the behavior of malware software based on the integration of fuzzy logic and genetic algorithms

Fesioch,

Kisilenko

2024

Communication, Informatization and Cybersecurity Systems and Technologies

View full text Add to dashboard Cite

The detection of polymorphic and metamorphic malware is a critical cybersecurity challenge due to its ability to evade detection by existing cyber defense systems by automatically modifying its own code and/or structure. In this context, an approach to the detection of polymorphic and metamorphic malware is proposed, which is based on the determination of an invariant component for each known type of malware during the analysis of its behavior. The essence of this approach is to define such an area of behavior that remains unchanged for a specific type of malicious software, regardless of the modifications made. To find the specified invariant component in the behavior of malware for each of its types, a set of values of the original feature space is described by fuzzy linguistic terms in order to obtain a set of fuzzy production rules for each type of malware. The next step is to determine the fuzzy invariant component for each known type of malicious software in the form of a fuzzy subset of features from the set of fuzzy production rules obtained in the previous step by means of genetic algorithms. The proposed model makes it possible to significantly increase the accuracy of detection of polymorphic and metamorphic software based on behavioral characteristics characteristic of already classified samples, which, in turn, contributes to increasing the overall effectiveness of the cyber security system.

show abstract

A model for determining the invariant component in the behavior of malware software based on the integration of fuzzy logic and genetic algorithms

Fesioch,

Kisilenko

2024

Communication, Informatization and Cybersecurity Systems and Technologies

View full text Add to dashboard Cite

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Analysis of the capacity of existing anti-virus protection systems and their based methods for detecting new malware in military information systems

Cited by 1 publication

References 8 publications

A model for determining the invariant component in the behavior of malware software based on the integration of fuzzy logic and genetic algorithms

A model for determining the invariant component in the behavior of malware software based on the integration of fuzzy logic and genetic algorithms

Contact Info

Product

Resources

About