Authors: Robert Luh 1 ; Gregor Schramm 2 ; Markus Wagner 3 and Sebastian Schrittwieser 2

Affiliations: 1 St. Pölten University of Applied Sciences and De Montfort University, Austria ; 2 St. Pölten University of Applied Sciences, Austria ; 3 St. Pölten UAS, Austria

ISBN: 978-989-758-209-7

Keyword(s): Malware Analysis, System Behavior, Attribute Grammar, Knowledge Generation.

Abstract: Targeted attacks on IT systems are a rising threat against the confidentiality of sensitive data and the availability of critical systems. With the emergence of Advanced Persistent Threats (APTs), it has become more important than ever to fully understand the particulars of such attacks. Grammar inference offers a powerful foundation for the automated extraction of behavioral patterns from sequential system traces. In order to facilitate the interpretation and analysis of APTs, we present a grammar inference system based on Sequitur, a greedy compression algorithm that constructs a context-free grammar (CFG) from string-based input data. Next to recursive rule extraction, we expanded the procedure through automated assessment routines capable of dealing with multiple input sources and types. This enables the identification of relevant patterns in sequential corpora of arbitrary quantity and size. On the formal side, we extended the CFG with attributes that help depict the extracted (malicious) actions in a comprehensive fashion. The tool’s output is automatically mapped to the grammar for further parsing and discovery-focused pattern visualization.


Paper citation in several formats:
Luh R., Schramm G., Wagner M. and Schrittwieser S. (2017). Sequitur-based Inference and Analysis Framework for Malicious System Behavior. In Proceedings of the 3rd International Conference on Information Systems Security and Privacy (ICISSP 2017), ISBN 978-989-758-209-7, pages 632-643. DOI: 10.5220/0006250206320643

@conference{forse17,
author={Robert Luh and Gregor Schramm and Markus Wagner and Sebastian Schrittwieser},
title={Sequitur-based Inference and Analysis Framework for Malicious System Behavior},
booktitle={Proceedings of the 3rd International Conference on Information Systems Security and Privacy (ICISSP 2017)},
year={2017},
pages={632-643},
doi={10.5220/0006250206320643},
isbn={978-989-758-209-7},
}

TY - CONF

JO - Proceedings of the 3rd International Conference on Information Systems Security and Privacy (ICISSP 2017)
TI - Sequitur-based Inference and Analysis Framework for Malicious System Behavior
SN - 978-989-758-209-7
AU - Luh R.
AU - Schramm G.
AU - Wagner M.
AU - Schrittwieser S.
PY - 2017
SP - 632
EP - 643
DO - 10.5220/0006250206320643
