Last modified: 2021-11-07
Abstract
Over the last decade, the total amount of malicious software has grown continuously and exponentially, leading to breaches of the integrity of computing nodes. Existing means are incapable of countering these threats effectively. The problem, therefore, is to devise an adaptive method for threat detection. This article considers an adaptive method of security threat detection based on the operating system audit subsystem. The method uses audit subsystems as a means of monitoring processes and the system calls they make in the system. The classifier is implemented as a neural network in the form of a multilayer Rosenblatt perceptron. The model was trained on a dataset of system call sequences obtained by executing malicious software samples. The effectiveness of the suggested method in detecting harmful impact is proven by the results of testing the model on independent samples of malware and benign software.