
Host Behavior Analysis System Design And Implementation

Posted on: 2013-01-08
Degree: Master
Type: Thesis
Country: China
Candidate: F B Li
Full Text: PDF
GTID: 2248330392456131
Subject: Communication and Information System
Abstract/Summary:
As a result of the growing development and application of computers and the Internet, people's lives benefit greatly from the digital world. Nevertheless, as users' private information spreads across the Internet and computers, the danger of leaking user privacy and information has also grown rapidly. Identifying and preventing the data and actions that could threaten the security of users' private information in the massive digital world has become a major research topic in the security area.

The main focus of the information security area is malware recognition and intrusion detection. The common approaches to malware recognition include statically analyzing the characteristics of binary samples and dynamically extracting the behavior of the samples. Intrusion detection includes network-based and host-based intrusion detection. According to studies in this research area, researchers generally capture data from system calls, register access state, and file system access state, preprocess these data with designed strategies and models, and finally classify the sample file and system state using techniques from machine learning and data mining.

To take an advanced position in the combat of information security, researchers should focus not only on malware recognition or intrusion detection, but also on the hackers behind the malware and intrusions. Learning their behavior patterns and habits could greatly benefit information security. Thus, we can define a proper model of high-level behavior, capture data by means similar to those used in malware and intrusion detection, format the data with dedicated strategies such as data streaming, and finally judge the underlying high-level behaviors within these data using machine learning and classification methods. If the accuracy of the high-level behavior model is high enough, it may succinctly describe the behavior patterns and habits of the hackers behind them.

Keywords/Search Tags: malware recognition, intrusion detection, high-level behavior, stream analysis, classification