Are evolutionary rule learning algorithms appropriate for malware detection?

Authors:
M. Zubair Shafiq;S. Momina Tabish;Muddassar Farooq
Affiliations:
National University of Computer & Emerging Sciences (FAST-NUCES), Islamabad, Pakistan;National University of Computer & Emerging Sciences (FAST-NUCES), Islamabad, Pakistan;National University of Computer & Emerging Sciences (FAST-NUCES), Islamabad, Pakistan
Venue:
Proceedings of the 11th Annual conference on Genetic and evolutionary computation
Year:
2009

Citing 1
Cited 1

KEEL: a software tool to assess evolutionary algorithms for data mining problems

Soft Computing - A Fusion of Foundations, Methodologies and Applications - Special Issue on Evolutionary and Metaheuristics based Data Mining (EMBDM); Guest Editors: José A. Gámez, María J. del Jesús, José M. Puerta

Fuzzy classification metrics for scanner assessment and vulnerability reporting

IEEE Transactions on Information Forensics and Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper, we evaluate the performance of ten well-known evolutionary and non-evolutionary rule learning algorithms. The comparative study is performed on a real-world classification problem of detecting malicious executables. The executable dataset, used in this study, consists of a total of 189 attributes which are statically extracted from the executables of Microsoft Windows operating system. In our study, we evaluate the performance of rule learning algorithms with respect to four metrics: (1) classification accuracy, (2) the number of rules in the developed rule set, (3) the comprehensibility of the generated rules, and (4) the processing overhead of the rule learning process. The results of our study highlight important shortcomings in evolutionary rule learning classifiers that render them infeasible for deployment in a real-world malware detection system.