Malware classification using static analysis based features

Title: Malware classification using static analysis based features
Publication Type: Conference Paper
Year of Publication: 2017
Authors: Hassen, M., Carvalho, M. M., Chan, P. K.
Conference Name: 2017 IEEE Symposium Series on Computational Intelligence (SSCI)
Date Published: nov
Keywords: anti-virus vendors, computer viruses, control statement shingling, Decision trees, feature extraction, Human Behavior, learning (artificial intelligence), machine learning algorithms, machine learning features, Malware, malware binaries, malware classification, Metrics, ordinary opcode n-gram based features, pattern classification, privacy, program diagnostics, pubcrawl, resilience, Resiliency, static analysis, Training, Vegetation
Abstract

Anti-virus vendors receive hundreds of thousands of malware to be analysed each day. Some are new malware while others are variations or evolutions of existing malware. Because analyzing each malware sample by hand is impossible, automated techniques to analyse and categorize incoming samples are needed. In this work, we explore various machine learning features extracted from malware samples through static analysis for classification of malware binaries into already known malware families. We present a new feature based on control statement shingling that has a comparable accuracy to ordinary opcode n-gram based features while requiring smaller dimensions. This, in turn, results in a shorter training time.

URL: https://ieeexplore.ieee.org/document/8285426/
DOI: 10.1109/SSCI.2017.8285426
Citation Key: hassen_malware_2017