2023

Постійне посилання на фонд

https://ela.kpi.ua/handle/123456789/62332

Переглянути

Перегляд 2023 за Ключові слова "004.056"

Зараз показуємо 1 - 2 з 2
  • Ескіз
    ДокументВідкритий доступ
    Analysis of the core research for vendor email compromise filtering model using machine learning
    (Igor Sikorsky Kyiv Polytechnic Institute, 2023) Zibarov, Dmytro; Kozlenko, Oleh
    Vendor email compromise became one of most sophisticated types of social engineering attacks. Strengths of this malicious activity rely on basis of impersonating vendor that company working with. Thus, it is easy for attacker to exploit this trust for doing different type of data exfiltration or ransom. To mitigate risks, that come with these challenges, information security specialist should consider using different types of approaches, including machine learning, to identify anomalies in email, so further damages can be prevented. The purpose of this work lies in the identification of optimal approach for VEC-style attacks detection and optimizing these approaches with least amount of falsepositive (FP) parameters. The object of this research is different methods of text processing algorithms, including machine learning methods for detecting VEC emails. The subject of research in this paper mainly considers impact of mentioned text processing algorithms and its relation with efficiency of VEC email classification, identifying most effective approach and, also, how to improve results of such detections. Results of this paper consists of details for VEC-email attacks detection, challenges that comes with different approaches and proposed solution, that lies in using text processing techniques and agentrelated approach with main sphere of implication – machine-learning systems, that are used for identifying social-engineering attacks through email.
  • Ескіз
    ДокументВідкритий доступ
    Malware Detection System Based on Static and Dynamic Analysis Using Machine Learning
    (Igor Sikorsky Kyiv Polytechnic Institute, 2023) Nafiiev, Alan; Rodionov, Andrii
    Cyber wars and cyber attacks are an urgent problem in the global digital environment. Based on existing popular detection methods, malware authors are creating ever more advanced and sophisticated malware. Therefore, this study aims to create a malware analysis system that uses both dynamic and static analysis. Our system is based on a machine learning method - support vector machine. The set of data used was collected from various Internet sources. It consists of 257 executable files in .exe format, 178 of which are malicious and 79 are benign. We use 5 different types of data representation: binary information, trace instructions, control flow graph, information obtained from the dynamic operation of the file, and file metadata. Then, using multiple kernel learning, we combine all data views and create one summative machine learning model.