loading
Documents

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Ravinder R. Ravula ; Chien-Chung Chan and Kathy J. Liszka

Affiliation: University of Akron, United States

ISBN: 978-989-8425-79-9

Keyword(s): Malware, Reverse engineering, Data mining, Decision trees.

Related Ontology Subjects/Areas/Topics: Artificial Intelligence ; Business Analytics ; Computational Intelligence ; Data Analytics ; Data Engineering ; Evolutionary Computing ; Information Extraction ; Knowledge Discovery and Information Retrieval ; Knowledge-Based Systems ; Machine Learning ; Pre-Processing and Post-Processing for Data Mining ; Soft Computing ; Symbolic Systems

Abstract: Detecting new and unknown malware is a major challenge in today¹s software security profession. Most existing works for malware detection are based on static features of malware. In this work, we applied a reversed engineering process to extract static and behavioural features from malware. Two data sets are created based on reversed features and API Call features. Essential features are identified by applying Weka’s J48 decision tree classifier to 582 malware and 521 benign software samples collected from the Internet. The performance of decision tree and Naïve Bayes classifiers are evaluated by 5-fold cross validation with 80-20 splits of training sets. Experimental results show that Naïve Bayes classifier has better performance on the smaller data set with 12 reversed features, while J48 has better performance on the data set created from the API Call data set with 141 features.

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 35.173.234.237

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
R. Ravula, R.; Chan, C. and J. Liszka, K. (2011). DYNAMIC ANALYSIS OF MALWARE USING DECISION TREES.In Proceedings of the International Conference on Knowledge Discovery and Information Retrieval - Volume 1: KDIR, (IC3K 2011) ISBN 978-989-8425-79-9, pages 74-83. DOI: 10.5220/0003660200740083

@conference{kdir11,
author={Ravinder R. Ravula. and Chien{-}Chung Chan. and Kathy J. Liszka.},
title={DYNAMIC ANALYSIS OF MALWARE USING DECISION TREES},
booktitle={Proceedings of the International Conference on Knowledge Discovery and Information Retrieval - Volume 1: KDIR, (IC3K 2011)},
year={2011},
pages={74-83},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003660200740083},
isbn={978-989-8425-79-9},
}

TY - CONF

JO - Proceedings of the International Conference on Knowledge Discovery and Information Retrieval - Volume 1: KDIR, (IC3K 2011)
TI - DYNAMIC ANALYSIS OF MALWARE USING DECISION TREES
SN - 978-989-8425-79-9
AU - R. Ravula, R.
AU - Chan, C.
AU - J. Liszka, K.
PY - 2011
SP - 74
EP - 83
DO - 10.5220/0003660200740083

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.