Identification of malware activities with rules

@article{Jasiul2014IdentificationOM,
  title={Identification of malware activities with rules},
  author={Bartosz Jasiul and Joanna Sliwa and Kamil Gleba and Marcin Szpyrka},
  journal={2014 Federated Conference on Computer Science and Information Systems},
  year={2014},
  pages={101-110}
}
The article describes the method of malware activities identification using ontology and rules. The method supports detection of malware at host level by observing its behavior. It sifts through hundred thousands of regular events and allows to identify suspicious ones. They are then passed on to the second building block responsible for malware tracking and matching stored models with observed malicious actions. The presented method was implemented and verified in the infected computer… CONTINUE READING