Comparison of feature selection and classification algorithms in identifying malicious executables
Cai et al., 2007
- Document ID
- 15783023576722398264
- Author
- Cai D
- Gokhale M
- Theiler J
- Publication year
- Publication venue
- Computational statistics & data analysis
Snippet
Malicious executables, often spread as email attachments, impose serious security threats to computer systems and associated networks. We investigated the use of byte sequence frequencies as a way to automatically distinguish malicious from benign executables without …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/62—Methods or arrangements for recognition using electronic means
- G06K9/6267—Classification techniques
- G06K9/6279—Classification techniques relating to the number of classes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/62—Methods or arrangements for recognition using electronic means
- G06K9/6267—Classification techniques
- G06K9/6268—Classification techniques relating to the classification paradigm, e.g. parametric or non-parametric approaches
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/62—Methods or arrangements for recognition using electronic means
- G06K9/6217—Design or setup of recognition systems and techniques; Extraction of features in feature space; Clustering techniques; Blind source separation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/3061—Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
- G06F17/30705—Clustering or classification
- G06F17/3071—Clustering or classification including class or cluster creation or modification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/36—Image preprocessing, i.e. processing the image information without deciding about the identity of the image
- G06K9/46—Extraction of features or characteristics of the image
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N99/00—Subject matter not provided for in other groups of this subclass
- G06N99/005—Learning machines, i.e. computer in which a programme is changed according to experience gained by the machine itself during a complete run
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
Similar Documents
| Publication | Title | Publication Date |
|---|---|---|
| US7519998B2 (en) | Detection of malicious computer executables | |
| Galal et al. | Behavior-based features model for malware detection | |
| Baldwin et al. | Leveraging support vector machine for opcode density based detection of crypto-ransomware | |
| Blue et al. | Ransomware detection on linux operating system using recurrent neural networks with binary opcode analysis | |
| Tahan et al. | Mal-id: Automatic malware detection using common segment analysis and meta-features | |
| Kolter et al. | Learning to detect and classify malicious executables in the wild. | |
| Sun et al. | An opcode sequences analysis method for unknown malware detection | |
| Kapoor et al. | Control Flow Graph Based Multiclass Malware Detection Using Bi-normal Separation. | |
| Schofield et al. | Convolutional neural network for malware classification based on API call sequence | |
| Karampatziakis et al. | Using file relationships in malware classification | |
| Chowdhury et al. | Protecting data from malware threats using machine learning technique | |
| El Boujnouni et al. | New malware detection framework based on N-grams and support vector domain description | |
| Cai et al. | Comparison of feature selection and classification algorithms in identifying malicious executables | |
| Dhalaria et al. | A framework for detection of android malware using static features | |
| Uppal et al. | Exploring behavioral aspects of API calls for malware identification and categorization | |
| Singh et al. | Minimized feature overhead malware detection machine learning model employing MRMR‐based ranking | |
| Bolton et al. | APT malware static trace analysis through bigrams and graph edit distance | |
| Darshan et al. | An empirical study to estimate the stability of random forest classifier on the hybrid features recommended by filter based feature selection technique | |
| Ni et al. | FindMal: A file-to-file social network based malware detection framework | |
| Habtor et al. | Machine-learning classifiers for malware detection using data features | |
| Duarte-Garcia et al. | Automatic malware clustering using word embeddings and unsupervised learning | |
| Karampudi et al. | Malware analysis using machine learning | |
| Wael et al. | Malicious VBScript detection algorithm based on data-mining techniques | |
| Geden et al. | Classification of malware families based on runtime behaviour | |
| Gavrilut et al. | Dealing with class noise in large training datasets for malware detection |