Journal ArticleDOI
Feature Reduction and Optimization of Malware Detection System Using Ant Colony Optimization and Rough Sets
TLDR
This work contributes to identifying the minimum feature set for malware detection employing a rough set dependent feature significance combined with Ant Colony Optimization (ACO) as the heuristic-search technique.
Abstract:
Malware is a malicious program that can cause a security breach of a system. Malware detection and classification is one of the burning topics of research in information security. Executable files are the major source of input for static malware detection. Machine learning techniques are very efficient in behavioral-based malware detection and need a dataset of malware with different features. In Windows, malware can be detected by analyzing the portable executable (PE) files. This work contributes to identifying the minimum feature set for malware detection employing a rough set dependent feature significance combined with Ant Colony Optimization (ACO) as the heuristic-search technique. A malware dataset named claMP with both integrated features and raw features was considered as the benchmark dataset for this work. The analytical results prove that 97.15% and 92.8% data size optimization has been achieved with a minimum loss of accuracy for claMP integrated and raw datasets, respectively.
Citations
Journal ArticleDOI
Bat optimization algorithm for wrapper-based feature selection and performance improvement of android malware detection
Journal ArticleDOI
Swarm Optimization and Machine Learning Applied to PE Malware Detection towards Cyber Threat Intelligence
TL;DR: In this article, the authors developed a new dataset called SOMLAP (Swarm Optimization and Machine Learning Applied to PE Malware Detection) with a value addition to the existing benchmark dataset.
Book ChapterDOI
FPGA in Core Calculation for Big Datasets
TL;DR: In this paper, an FPGA and softcore CPU based hardware solution for big datasets core calculation focusing on rough set methods is presented. But the same operations were performed in software implementation.
Journal ArticleDOI
FPGA supported rough set reduct calculation for big datasets
Maciej Kopczynski, Tomasz Grzes +1 more
Journal ArticleDOI
Approximation operators via TD-matroids on two sets
Gang Wang, Hua Mao +1 more
TL;DR: In this article, the construction of approximation operators expressed by binary form with matroid theory is investigated, and the constructions of matroidal structure aided by a pair of approximation operators expressed in binary form.
References
Journal ArticleDOI
Random Forests
TL;DR: Internal estimates monitor error, strength, and correlation and these are used to show the response to increasing the number of features used in the forest, and are also applicable to regression.
Journal ArticleDOI
Ant system: optimization by a colony of cooperating agents
TL;DR: It is shown how the ant system (AS) can be applied to other optimization problems like the asymmetric traveling salesman, the quadratic assignment and the job-shop scheduling, and the salient characteristics-global data structure revision, distributed communication and probabilistic transitions of the AS.
Book ChapterDOI
Text Categorization with Support Vector Machines: Learning with Many Relevant Features
TL;DR: This paper explores the use of Support Vector Machines for learning text classifiers from examples and analyzes the particular properties of learning with text data and identifies why SVMs are appropriate for this task.
Proceedings ArticleDOI
Inductive learning algorithms and representations for text categorization
TL;DR: A comparison of the effectiveness of five different automatic learning algorithms for text categorization in terms of learning speed, realtime classification speed, and classification accuracy is presented.
Proceedings ArticleDOI
Data mining methods for detection of new malicious executables
TL;DR: This work presents a data mining framework that detects new, previously unseen malicious executables accurately and automatically and more than doubles the current detection rates for new malicious executables.