Early Detection of In-Memory Malicious Activity Based on Run-Time Environmental Features

Dorel Yaffe, Danny Hendler

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, peer-review

Abstract

We present a novel end-to-end solution for in-memory malicious activity detection done prior to exploitation by leveraging machine learning capabilities based on data from unique run-time logs, which are carefully curated in order to detect malicious activity in the memory of protected processes. This solution achieves reduced overhead and false positives as well as deployment simplicity.

Original language: English
Title of host publication: Cyber Security Cryptography and Machine Learning - 5th International Symposium, CSCML 2021, Proceedings
Editors: Shlomi Dolev, Oded Margalit, Benny Pinkas, Alexander Schwarzmann
Publisher: Springer Science and Business Media Deutschland GmbH
Pages: 397-404
Number of pages: 8
ISBN (Print): 9783030780852
DOIs
State: Published - 1 Jan 2021
Event: 5th International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2021 - Be'er Sheva, Israel
Duration: 8 Jul 2021 - 9 Jul 2021

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 12716 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: 5th International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2021
Country/Territory: Israel
City: Be'er Sheva
Period: 8/07/21 - 9/07/21

Keywords

  • Early detection
  • In-memory attacks
  • Malware detection
