K-Means Clustering Analysis Based on Adaptive Weights for Malicious Code Detection

Submitted by grigby1 on Mon, 04/06/2020 - 2:23pm

Title	K-Means Clustering Analysis Based on Adaptive Weights for Malicious Code Detection
Publication Type	Conference Paper
Year of Publication	2019
Authors	Haoliang, Sun, Dawei, Wang, Ying, Zhang
Conference Name	2019 IEEE 11th International Conference on Communication Software and Networks (ICCSN)
Publisher	IEEE
ISBN Number	978-1-7281-2184-0
Keywords	adaptive weights-MMKM, AW-MMKM, clustering, composability, computer network security, cyber physical systems, k-means clustering analysis, malicious code, malicious code detection, malicious codes, Metrics, network behavior, network coding, network scanning, Network security, network traffic, pattern clustering, pubcrawl, resilience, Resiliency, statistical analysis, telecommunication traffic, traditional detection techniques, traffic characteristics
Abstract	Nowadays, a major challenge to network security is malicious codes. However, manual extraction of features is one of the characteristics of traditional detection techniques, which is inefficient. On the other hand, the features of the content and behavior of the malicious codes are easy to change, resulting in more inefficiency of the traditional techniques. In this paper, a K-Means Clustering Analysis is proposed based on Adaptive Weights (AW-MMKM). Identifying malicious codes in the proposed method is based on four types of network behavior that can be extracted from network traffic, including active, fault, network scanning, and page behaviors. The experimental results indicate that the AW-MMKM can detect malicious codes efficiently with higher accuracy.
URL	https://ieeexplore.ieee.org/document/8905286
DOI	10.1109/ICCSN.2019.8905286
Citation Key	haoliang_k-means_2019

Groups:

Science of Security VO