Title:
ADJACENT-MATRIX-BASED MALICIOUS CODE DETECTION AND CLASSIFICATION APPARATUS AND MALICIOUS CODE DETECTION AND CLASSIFICATION METHOD
Document Type and Number:
WIPO Patent Application WO/2022/107964
Kind Code:
A1
Abstract:
A malicious code detection and classification apparatus can comprise: a graph generation unit for generating, from source data, graph information including a plurality of nodes, which correspond to application programming interfaces (APIs) included in the source data, and one or more edges, which connect between the plurality of nodes; a matrix generation unit for generating an adjacent matrix between the APIs, included in the source data, by using the graph information; and a machine learning unit for detecting malicious code, included in the source data, by using the adjacent matrix as an input value of a machine-learning-based analysis model. According to the malicious code detection and classification apparatus, a call graph between APIs is converted into an adjacent matrix, of which each row and each column are APIs, so as to be used as an input value of a machine-learning-based analysis model, and thus malicious code can be detected at a detection rate and accuracy higher than those of conventional technology.
More Like This:
| JP7176379 | Information processing device, information processing method, and program |
| WO/2018/031015 | USB BAITING METHOD AND DESIGN |
| WO/2017/053365 | APPLICATION PHENOTYPING |
Inventors:
JUNG SOUHWAN (KR)
NGUYEN VU LONG (KR)
SHIM HYUNSEOK (KR)
NGUYEN VU LONG (KR)
SHIM HYUNSEOK (KR)
Application Number:
PCT/KR2020/016939
Publication Date:
May 27, 2022
Filing Date:
November 26, 2020
Export Citation:
Assignee:
FOUNDATION SOONGSIL UNIV INDUSTRY COOPERATION (KR)
International Classes:
G06F21/56; G06F16/28
Foreign References:
| US20070156889A1 | 2007-07-05 | |||
| KR20180019429A | 2018-02-26 | |||
| KR20150047241A | 2015-05-04 | |||
| KR101749210B1 | 2017-06-20 | |||
| US20160306971A1 | 2016-10-20 |
Attorney, Agent or Firm:
YUN, Kuisang (KR)
Download PDF: