Detection of malware using soft computing methods has been explored extensively by many malware researchers to enable fast and infallible detection of newly released malware. In this work, we present a comparative study of two-class and multi-class classification-based detection of malicious executables using soft computing techniques on an exhaustive feature set. During this comparative study, a rigorous analysis of static features, extracted from benign and malicious files, was conducted. For this analysis, a generic framework was devised and is presented in this paper. The Reference Data Set (RDS) from the National Software Reference Library (NSRL) was explored in this study as a means of filtering out benign files during analysis. Finally, through well-corroborated experiments, it is shown that AdaBoost, when combined with algorithms such as C4.5 and random forest with two-class classification, outperforms many other soft-computing-based techniques.
- Comparative Study of Two- and Multi-Class-Classification-Based Detection of Malicious Executables Using Soft Computing Techniques on Exhaustive Feature Set
- Springer India