|
In recent years, the number of cyber attacks is increasing year by year, and there is a concern about the diversification of malware due to the spread of 5G and internet of things (IoT) devices. In particular, attacks cannot be prevented by conventional signature-based countermeasures alone. Therefore, many kinds of defense systems, (e.g., defense-in-depth systems and machine-learning-based systems) have been studied. However, cyber attacks have become more and more sophisticated, and there exist malwares that evade detection in sandboxes. Therefore, in this study, in order to detect malwares that evade detection systems, we propose a class classification that focuses on the existence of evasion techniques. In contrast to the conventional binary classifications, the proposed system categorizes applications into three types: malware that evades analysis on sandboxes, malware that does not, and benign software.
|
