Title | Enhancing Keylogger Detection Performance of the Dendritic Cell Algorithm by an Enticement Strategy |
Authors | 梁意文 |
Issue Date | 2014-06-01 |
Publisher | Journal of Computers |
Keywords | keylogger; keystroke simulation; dendritic cell algorithm (DCA); correlation |
Citation | Journal of Computers, 2014, 9(6):1347-1354 |
Abstract | Evasive software keyloggers hide their malicious behaviors to defeat run-time detection. In this paper, based on an analysis of the evasion mechanisms used by common software keyloggers, we established a framework for their detection. Using an enticement strategy, the framework induces keyloggers to exhibit more obvious malicious activities by mimicking user keystrokes. These 'amplified' activities are then correlated by the dendritic cell algorithm (an immune-inspired algorithm) to finally determine the existence of a keylogger in a host. Preliminary experimental results showed that the framework could improve the performance of keylogger detection and was hard to evade. |
Appears in Collections: | 信科院办公室 |