OBJECT-ORIENTED METHOD FOR ENHANCING COMPUTING NODE SECURITY BY MEANS OF OPERATING SYSTEM AUDIT SUBSYSTEM

Authors

  • Anna Verner National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, Ukraine
  • Valerii Simonenko National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, Ukraine

Keywords:

Security enhancement, operating system audit subsystem, malicious software, neural networks

Abstract

The article considers an object-oriented method for enhancing the security of a computing node based on the operating system audit subsystem. To increase security, it proposes using the audit subsystem to monitor processes and the system calls they make. To assess whether a monitored process is malicious, a classifier is used, implemented as a neural network in the form of a multilayer Rosenblatt perceptron. The model is trained on a data set of system calls obtained from malicious software.

Published

2023-06-08

Section

Global Networks, Grid and Cloud