Malware Analysis and Classification: A Survey
TL;DR
This survey provides an overview of techniques for analyzing and classifying malware, and finds that behavioral patterns, obtained either statically or dynamically, can be used to detect unknown malware and classify it into known families with machine learning techniques.

Abstract:
One of the major and serious threats on the Internet today is malicious software, often referred to as malware. The malware being designed by attackers is polymorphic and metamorphic, with the ability to change its code as it propagates. Moreover, the diversity and volume of variants severely undermine the effectiveness of traditional defenses, which typically use signature-based techniques and are unable to detect previously unknown malicious executables. The variants of a malware family share typical behavioral patterns reflecting their origin and purpose. Behavioral patterns obtained either statically or dynamically can be exploited to detect unknown malware and classify it into known families using machine learning techniques. This survey paper provides an overview of techniques for analyzing and classifying malware.
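The abstract's central claim is that family variants share behavioral patterns that survive polymorphic rewriting, so a classifier trained on such patterns can place an unseen variant into its family even though no signature matches it. The following is an added, stand-alone illustration of that pipeline in Python; it is not code from the survey or from any of the cited systems. It uses the simplest static feature the cited work relies on (byte 2-gram counts, as in the Schultz et al. data-mining paper) and a nearest-centroid classifier standing in for the machine-learning methods the survey covers. The samples, the family names `injector` and `locker`, and the polymorphic "junk" padding are all constructed for the example and are not real malware.

```python
"""Byte n-gram features + nearest-centroid family classification.

Constructed example (not from the survey): each "sample" is a family-specific
core (think import names or API strings that reflect the family's purpose)
followed by seeded pseudo-random padding standing in for polymorphic junk.
"""
from collections import Counter
import math
import random

# --- constructed training corpus; family names are hypothetical ----------
FAMILY_CORES = {
    "injector": b"LoadLibraryA\x00GetProcAddress\x00VirtualAllocEx\x00"
                b"WriteProcessMemory\x00CreateRemoteThread\x00",
    "locker":   b"CryptAcquireContextW\x00CryptEncrypt\x00FindFirstFileW\x00"
                b"FindNextFileW\x00MoveFileExW\x00",
}
PADDING = 32  # bytes of junk appended per variant to simulate polymorphism


def make_variant(family: str, seed: int) -> bytes:
    """Same behavioral core, different junk bytes: a 'polymorphic' variant."""
    rng = random.Random(seed)
    junk = bytes(rng.randrange(256) for _ in range(PADDING))
    return FAMILY_CORES[family] + junk


def byte_ngrams(data: bytes, n: int = 2) -> Counter:
    """Static feature extraction: counts of overlapping byte n-grams."""
    return Counter(data[i:i + n] for i in range(len(data) - n + 1))


def unit(vec: Counter) -> dict:
    """L2-normalize so that sample length does not dominate the similarity."""
    norm = math.sqrt(sum(v * v for v in vec.values()))
    return {k: v / norm for k, v in vec.items()} if norm else {}


def cosine(a: dict, b: dict) -> float:
    """Cosine similarity of two unit vectors stored as sparse dicts."""
    return sum(w * b.get(k, 0.0) for k, w in a.items())


def train(labelled):
    """Nearest-centroid learning: average the unit feature vectors per family."""
    sums, counts = {}, Counter()
    for family, data in labelled:
        counts[family] += 1
        acc = sums.setdefault(family, Counter())
        for k, w in unit(byte_ngrams(data)).items():
            acc[k] += w
    return {fam: {k: w / counts[fam] for k, w in acc.items()}
            for fam, acc in sums.items()}


def classify(data: bytes, centroids: dict, threshold: float = 0.3):
    """Return (family, score). Below the threshold the sample stays 'unknown'
    rather than being forced into the closest family, which is the behaviour
    you want when genuinely novel code shows up."""
    feats = unit(byte_ngrams(data))
    family, score = max(((f, cosine(feats, c)) for f, c in centroids.items()),
                        key=lambda t: t[1])
    return (family if score >= threshold else "unknown"), score


def demo():
    """Train on three variants per family, then classify unseen inputs."""
    training = [(fam, make_variant(fam, seed))
                for fam in FAMILY_CORES for seed in (1, 2, 3)]
    centroids = train(training)
    blob_rng = random.Random(5)
    unseen = {
        "injector_variant": make_variant("injector", 99),   # new junk, same core
        "locker_variant": make_variant("locker", 77),
        "random_blob": bytes(blob_rng.randrange(256) for _ in range(120)),
    }
    return {name: classify(data, centroids)[0] for name, data in unseen.items()}


if __name__ == "__main__":
    for name, family in demo().items():
        print(f"{name:18s} -> {family}")
```

The two unseen variants land in their families because the shared core 2-grams dominate the normalized vector while the junk bytes spread over thousands of rarely-repeated dimensions; the random blob scores close to zero against every centroid and is reported as unknown. Real systems swap byte 2-grams for richer static features (imports, strings, opcode sequences) or dynamic ones (API call traces) and the centroid for a trained model, but the shape of the pipeline is the same.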
Citations
Journal ArticleDOI
A Survey on Malware Detection Using Data Mining Techniques
TL;DR: Argues there is an urgent need for intelligent methods that detect malware effectively and efficiently from the real, large daily sample collection, and provides a comprehensive investigation of both feature extraction and classification/clustering techniques.
Proceedings ArticleDOI
Deep neural network based malware detection using two dimensional binary program features
Joshua Saxe,Konstantin Berlin +1 more
TL;DR: Introduces a deep neural network based malware detection system developed at Invincea, which achieves a usable detection rate at an extremely low false positive rate and scales to real-world training example volumes on commodity hardware.
Posted Content
Deep Neural Network Based Malware Detection Using Two Dimensional Binary Program Features
Joshua Saxe,Konstantin Berlin +1 more
TL;DR: In this paper, a deep neural network malware classifier is proposed that achieves a usable detection rate at an extremely low false positive rate and scales to real world training example volumes on commodity hardware.
Journal ArticleDOI
Survey of machine learning techniques for malware analysis
TL;DR: This survey aims at providing an overview on the way machine learning has been used so far in the context of malware analysis in Windows environments, i.e. for the analysis of Portable Executables.
Journal ArticleDOI
Ransomware threat success factors, taxonomy, and countermeasures
TL;DR: A holistic state-of-the-art review of the research on ransomware and its detection and prevention techniques is provided and a novel ransomware taxonomy is put forward, from several perspectives.
References
Journal ArticleDOI
The WEKA data mining software: an update
TL;DR: This paper provides an introduction to the WEKA workbench, reviews the history of the project, and, in light of the recent 3.6 stable release, briefly discusses what has been added since the last stable version (Weka 3.4) released in 2003.
Proceedings ArticleDOI
Approximate nearest neighbors: towards removing the curse of dimensionality
Piotr Indyk,Rajeev Motwani +1 more
TL;DR: In this paper, the authors present two algorithms for the approximate nearest neighbor problem in high-dimensional spaces, for data sets of size n living in R^d, which require space that is only polynomial in n and d.
Book ChapterDOI
Fast effective rule induction
TL;DR: This paper evaluates the recently proposed rule learning algorithm IREP on a large and diverse collection of benchmark problems, and proposes a number of modifications resulting in an algorithm, RIPPERk, that is very competitive with C4.5 and C4.5rules with respect to error rates, but much more efficient on large samples.
Journal ArticleDOI
Approximate Nearest Neighbor: Towards Removing the Curse of Dimensionality
TL;DR: Two algorithms for the approximate nearest neighbor problem in high-dimensional spaces, for data sets of size n living in R^d, are presented, achieving query times that are sub-linear in n and polynomial in d.
Proceedings ArticleDOI
Data mining methods for detection of new malicious executables
TL;DR: Presents a data mining framework that detects new, previously unseen malicious executables accurately and automatically, more than doubling the current detection rates for new malicious executables.