loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Nada Alruhaily ; Behzad Bordbar and Tom Chothia

Affiliation: University of Birmingham, United Kingdom

Keyword(s): Malware, Classification Algorithms, Machine Learning, Behavioural Analysis.

Abstract: A number of machine learning based malware detection systems have been suggested to replace signature based detection methods. These systems have shown that they can provide a high detection rate when recognising non-previously seen malware samples. However, in systems based on behavioural features, some new malware can go undetected as a result of changes in behaviour compared to the training data. In this paper we analyse misclassified malware instances and we investigated whether there were recognisable patterns across these misclassifications. Several questions needed to be understood: Can we claim that malware changes over time directly affect the detection rate? Do changes that affect classification occur in malware at the level of families, where all instances that belong to certain families are hard to detect? Alternatively, can such changes be traced back to certain malware variants instead of families? Our experiments showed that these changes are mostly due to behavioural changes at the level of variants across malware families where variants did not behave as expected. This is can be due to the adoption of anti-virtualisation techniques, the fact that these variants were looking for a specific argument to be activated or it can be due to the fact that these variants were actually corrupted. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.145.38.117

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Alruhaily, N.; Bordbar, B. and Chothia, T. (2017). Towards an Understanding of the Misclassification Rates of Machine Learning-based Malware Detection Systems. In Proceedings of the 3rd International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-209-7; ISSN 2184-4356, SciTePress, pages 101-112. DOI: 10.5220/0006174301010112

@conference{icissp17,
author={Nada Alruhaily. and Behzad Bordbar. and Tom Chothia.},
title={Towards an Understanding of the Misclassification Rates of Machine Learning-based Malware Detection Systems},
booktitle={Proceedings of the 3rd International Conference on Information Systems Security and Privacy - ICISSP},
year={2017},
pages={101-112},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006174301010112},
isbn={978-989-758-209-7},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 3rd International Conference on Information Systems Security and Privacy - ICISSP
TI - Towards an Understanding of the Misclassification Rates of Machine Learning-based Malware Detection Systems
SN - 978-989-758-209-7
IS - 2184-4356
AU - Alruhaily, N.
AU - Bordbar, B.
AU - Chothia, T.
PY - 2017
SP - 101
EP - 112
DO - 10.5220/0006174301010112
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic