Abstract

Techniques to detect malicious code running underlying a user interface are described. The software application is detected as potential malware if a mismatch is detected between the interface presented to the user and computations performed by the application that presents the user interface. A trained machine learning model is applied for such detection. With user permission, a sequence of rendered images that represent the user interface and a sequence of execution traces sampled from computational operations performed by the application that presents the interface are provided as inputs the model. The model outputs a score indicative of appropriateness of the amount of computation for the user interface.

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 License.

Recommended Citation

Cărbune, Victor and Damian, Alexandru, "Detecting malware based on mismatch between user interface and computation load", Technical Disclosure Commons, (November 09, 2018)
https://www.tdcommons.org/dpubs_series/1640

Download

COinS

Technical Disclosure Commons

Defensive Publications Series

Detecting malware based on mismatch between user interface and computation load

Abstract

Creative Commons License

Recommended Citation

Browse

Search

Submit

Additional Information

Technical Disclosure Commons

Defensive Publications Series

Detecting malware based on mismatch between user interface and computation load

Inventor(s)

Abstract

Creative Commons License

Recommended Citation

Share

Browse

Search

Submit

Additional Information