![Scientific and Technical Journal of Information Technologies, Mechanics and Optics](/images/mag-ntv.png)
INFORMATIVE FEATURE SELECTION IN SOFTWARE IDENTIFICATION TASK
![Scientific and Technical Journal of Information Technologies, Mechanics and Optics](/images/mag-ntv.png)
Annotation
Subject of Research.The need for slowdown of the increasing number of vulnerabilities caused by installation of unauthorized software on computer equipment, calls for an approach development to automate the audit of data storage media. The paper proposes an approach for identification of informative assembler commands. We study the effect of a chosen feature used for creation of unified program signature on the identification results. Methods. The Shannon method was used for informativity calculation. It gives the possibility to determine the feature informativity for random number of object classes and is independent of the volume of observed feature samples. Identification of elf-files was based on application of chi-square statistical homogeneity criterion. Main Results. Quantitative informativity characteristics for 118 assembler commands are obtained. The analysis of experiment results for executable files identification is carried out with the use of ten different features for creation of program signatures. Comparison is performed by chi-square homogeneity criterion at significance levels p = 0.05 and p = 0.01. Practical Relevance. We have found out the importance of particular feature application in the task of program signatures creation, as well as the possibility of considering several executable file signatures in common to create the final score of belonging to a certain program.
Keywords
Постоянный URL
Articles in current issue
- ON MODERN APPROACH TO AIRPLANE-TYPE UNMANNED AERIAL VEHICLES DESIGN WITH SHORT TAKEOFF AND LANDING PART III. NUMERICAL MODELING OF AIRCRAFT VORTEX AERODYNAMICS BY DISCRETE VORTEX METHOD
- LOCALIZED LASER VAPORIZATION OF FILMS WITH COMPLEX TOPOLOGIES FOR SURFACE ACOUSTIC WAVE MICROGYROSCOPE SENSOR
- OPTICAL FIELD AMPLITUDE DISTRIBUTION ON THE PATTERN PLATE OF OPTOELECTRONIC SYSTEM FOR MEASURING OF DITHER SYSTEM PARAMETERS IN RING LASER GYRO
- CHOOSING PARAMETERS OF SPATIAL POSITION CONTROL OPTICAL-ELECTRONIC SYSTEMS WITH ACTIVE REFERENCE MARKS
- DEFORMATION CONTROL METHOD OF COMPOSITE STRUCTURAL ELEMENTS BY FIBER-OPTIC ACOUSTIC EMISSION SENSOR
- SEMICONDUCTOR FREQUENCY STANDARD BASED ON P(16) SPECTRAL LINE OF ACETYLENE ISOTOPE WITH TEMPERATURE STABILIZATION BY PHASE MODULATION
- ELECTRIC GENERATOR CONTROL UNDER HIGH-FREQUENCY MEASUREMENT NOISES
- KNOWLEDGE TRANSFER FOR RUSSIAN CONVERSATIONAL TELEPHONE AUTOMATIC SPEECH RECOGNITION
- AUDIO-VISUAL SPEECH PROCESSING AND ANALYSIS BASED ON SUBSPACE PROJECTIONS
- EFFICIENCY IMPROVEMENT OF CODING METHOD BY INTRAFRAME PREDICTION IN H.265 / HEVC STANDARD
- DATABASE SEMANTIC MODEL APPLICATION IN NATURAL LANGUAGE USER INTERFACE DEVELOPMENT PROCESS
- INDUSTRY 4.0 DIGITAL PRODUCTION ORGANIZATION BASED ON CYBER AND PHYSICAL SYSTEMS AND ONTOLOGIES
- INFORMATIVE FEATURE SELECTION IN SOFTWARE IDENTIFICATION TASK
- DESIGN, DEVELOPMENT AND MAINTENANCE METHODOLOGY OF DOMAIN SEMANTIC PORTALS OF SCIENTIFIC AND TECHNICAL INFORMATION
- APPLICATION OF MAСHINE LEARNING METHODS FOR DETECTING OF JPEG IMAGE INTEGRITY VIOLATIONS
- OBJECT-PROCESS DATA MODEL FOR SERVICE-ORIENTED ARCHITECTURE OF INTEGRATED INFORMATION SYSTEMS
- ANALYSIS OF USERS’ PROTECTION FROM SOCIO-ENGINEERING ATTACKS: SOCIAL GRAPH CREATION BASED ON INFORMATION FROM SOCIAL NETWORK WEBSITES
- OPTIMAL MATHEMATICAL MODEL FOR DESCRIPTION OF PHYSICAL PHENOMENA AND TECHNOLOGICAL PROCESSES
- SYNTHESIS METHOD OF DIGITAL-TO-ANALOG CONVERTER SCHEMATIC MODELS FOR INTEGRATED CIRCUITS
- INTEGRATED CIRCUITS TIMING ANALYSIS WITH ACCOUNT OF PAD MODELS AND BOND WIRES
- ACCURACY INCREASE FOR AUTOMATIC VISUAL RUSSIAN SPEECH RECOGNITION: VISEME CLASSES OPTIMIZATION
- FEATURE COMBINATION FOR THE TASK OF NEURAL NETWORK ACOUSTIC MODEL LEARNING