Article overview
A Static Malware Detection System Using Data Mining Methods

Usukhbayar Baldangombo; Nyamjav Jambaljav; Shi-Jinn Horng

Date: 13 Aug 2013

Abstract: A serious threat today is malicious executables. They are designed to damage computer systems, and some of them spread over the network without the knowledge of the owner using the system. Two approaches have been derived for it, i.e., Signature Based Detection and Heuristic Based Detection. These approaches performed well against known malicious programs but cannot catch new malicious programs. Different researchers have proposed methods using data mining and machine learning for detecting new malicious programs. The method based on data mining and machine learning has shown good results compared to other approaches. This work presents a static malware detection system using data mining techniques such as Information Gain, Principal Component Analysis, and three classifiers: SVM, J48, and Naïve Bayes. For overcoming the lack of usual anti-virus products, we use methods of static analysis to extract valuable features of Windows PE files. We extract raw features of Windows executables, which are PE header information, DLLs, and API functions inside each DLL of the Windows PE file. Thereafter, Information Gain and calling frequencies of the raw features are calculated to select valuable subset features, and then Principal Component Analysis is used for dimensionality reduction of the selected features. By adopting the concepts of machine learning and data mining, we construct a static malware detection system which has a detection rate of 99.6%.

Source: arXiv, 1308.2831