Feedback
Settings

Settings

Goto Application

1. WO2022114392 - FEATURE SELECTION-BASED MOBILE MALICIOUS CODE CLASSIFICATION METHOD, AND RECORDING MEDIUM AND DEVICE FOR PERFORMING SAME

Submit observation
PermaLink
Publication Number WO/2022/114392
Publication Date 02.06.2022
International Application No. PCT/KR2021/001194
International Filing Date 29.01.2021
IPC
G06F 21/56 2013.1
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55Detecting local intrusion or implementing counter-measures
56Computer malware detection or handling, e.g. anti-virus arrangements
G06F 16/28 2019.1
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
16Information retrieval; Database structures therefor; File system structures therefor
20of structured data, e.g. relational data
28Databases characterised by their database models, e.g. relational or object models
CPC
G06F 21/562
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55Detecting local intrusion or implementing counter-measures
56Computer malware detection or handling, e.g. anti-virus arrangements
562Static detection
G06F 2221/033
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
2221Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
033Test or assess software
G06N 3/045
G06N 3/048
G06N 3/08
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
NCOMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
3Computer systems based on biological models
02using neural network models
08Learning methods
Applicants
  • 숭실대학교 산학협력단 FOUNDATION OF SOONGSIL UNIVERSITY-INDUSTRY COOPERATION [KR]/[KR]
Inventors
  • 이정현 YI, Jeong Hyun
  • 고은별 KO, Eun Byeol
Agents
  • 윤귀상 YUN, Kuisang
Priority Data
10-2020-016166926.11.2020KR
Publication Language Korean (ko)
Filing Language Korean (KO)
Designated States
Title
(EN) FEATURE SELECTION-BASED MOBILE MALICIOUS CODE CLASSIFICATION METHOD, AND RECORDING MEDIUM AND DEVICE FOR PERFORMING SAME
(FR) PROCÉDÉ DE CLASSIFICATION DE CODE MALVEILLANT MOBILE BASÉ SUR UNE SÉLECTION DE CARACTÉRISTIQUES, ET SUPPORT D'ENREGISTREMENT ET DISPOSITIF POUR SA MISE EN ŒUVRE
(KO) 특성 선택에 기반한 모바일 악성 코드 분류 방법, 이를 수행하기 위한 기록 매체 및 장치
front page image
Abstract
(EN) A feature selection-based mobile malicious code classification method comprises the steps of: extracting API feature information including a package name, a class name, a method name, and a description from a malicious application, the category of which is determined; vectorizing a training dataset, generated by using the package name, the class name, and the method name among the API feature information, so as to enable deep learning of the training dataset; generating a classifier by learning the vectorized training dataset; classifying a target malicious application into a category for which the target malicious application is suitable, on the basis of a probability; and designating a category of the target malicious application by using a result of the classification, and outputting a classified important API. Accordingly, it is possible to quickly respond to a malicious action of a malicious application and prevent damage caused by the malicious action.
(FR) Un procédé de classification de code malveillant mobile basé sur une sélection de caractéristiques comprend les étapes consistant : à extraire des informations de caractéristique d'API comprenant un nom de paquet, un nom de classe, un nom de procédé et une description à partir d'une application malveillante, dont la catégorie est déterminée ; à vectoriser un ensemble de données de formation, généré à l'aide du nom de paquet, du nom de classe et du nom de procédé parmi les informations de caractéristique d'API, de façon à permettre un apprentissage profond de l'ensemble de données de formation ; à générer un classificateur par apprentissage de l'ensemble de données de formation vectorisé ; à classifier une application malveillante cible dans une catégorie à laquelle l'application malveillante cible est appropriée, sur la base d'une probabilité ; et à désigner une catégorie de l'application malveillante cible à l'aide d'un résultat de la classification, et à délivrer une API importante classée. Par conséquent, il est possible de répondre rapidement à une action malveillante d'une application malveillante et d'éviter des dommages causés par l'action malveillante.
(KO) 특성 선택에 기반한 모바일 악성 코드 분류 방법은, 카테고리가 정해진 악성 애플리케이션으로부터 패키지 명, 클래스 명, 메소드 명 및 디스크립션을 포함하는 API 특성정보를 추출하는 단계; 상기 API 특성정보 중 패키지 명, 클래스 명 및 메소드 명을 이용하여 생성한 트레이닝 데이터셋을 딥 러닝할 수 있도록 벡터화하는 단계; 벡터화된 트레이닝 데이터셋을 학습하여 분류기를 생성하는 단계; 타겟 악성 애플리케이션이 어떤 카테고리에 적합한지 확률로써 분류하는 단계; 및 분류 결과를 이용하여 타겟 악성 애플리케이션의 카테고리를 지정해주고 분류 중요 API를 출력하는 단계;를 포함한다. 이에 따라, 악성 애플리케이션의 악성 행위에 대해 빠르게 대처할 수 있고 악성 행위로 인한 피해를 방지할 수 있다. [대표도] 도 1
Related patent documents
KR102302484
US20220179955
Latest bibliographic data on file with the International Bureau
# -