Abstract
The aim of the research is to increase the reliability of behavior diagnostics by developing new models and methods based on scripts automatically extracted from data. An improved model of script hierarchies is proposed that adds the concepts of role and forest of hierarchies, as well as a support function that connects them. An improved model of multilevel behavior pattern construction is also proposed. Unlike existing models, this makes it possible to formulate scripts using machine-learning methods alongside an expert. A two-stage method for diagnosing object behavior based on script hierarchies is developed: in the first stage, the tested behavior is identified with one or several script hierarchies; in the second stage, a naive Bayesian classifier is used to detect whether the object belongs to one or more classes. The models and methods are validated in the subject area of malicious program detection. The results show an increase in detection reliability.
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Ruvinskaya, V., Moldavskaya, A. (2019). Methods for Automated Generation of Scripts Hierarchies from Examples and Diagnosis of Behavior. In: Chertov, O., Mylovanov, T., Kondratenko, Y., Kacprzyk, J., Kreinovich, V., Stefanuk, V. (eds) Recent Developments in Data Science and Intelligent Analysis of Information. ICDSIAI 2018. Advances in Intelligent Systems and Computing, vol 836. Springer, Cham. https://doi.org/10.1007/978-3-319-97885-7_19
DOI: https://doi.org/10.1007/978-3-319-97885-7_19
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-97884-0
Online ISBN: 978-3-319-97885-7
eBook Packages: Intelligent Technologies and Robotics (R0)