A survey of data mining techniques for malware detection using file features

Authors:
Muazzam Siddiqui;Morgan C. Wang;Joohan Lee
Affiliations:
University of Central Florida;University of Central Florida;University of Central Florida
Venue:
Proceedings of the 46th Annual Southeast Regional Conference on XX
Year:
2008

Citing 11
Cited 2

A Toolkit for Detecting and Analyzing Malicious Software

ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Data Mining Methods for Detection of New Malicious Executables

SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Learning to detect malicious executables in the wild

Proceedings of the tenth ACM SIGKDD international conference on Knowledge discovery and data mining
N-Gram-Based Detection of New Malicious Code

COMPSAC '04 Proceedings of the 28th Annual International Computer Software and Applications Conference - Workshops and Fast Abstracts - Volume 02
Visualizing windows executable viruses using self-organizing maps

Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Static Analyzer of Vicious Executables (SAVE)

ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Host-based detection of worms through peer-to-peer cooperation

Proceedings of the 2005 ACM workshop on Rapid malcode
A Feature Selection and Evaluation Scheme for Computer Virus Detection

ICDM '06 Proceedings of the Sixth International Conference on Data Mining
IMDS: intelligent malware detection system

Proceedings of the 13th ACM SIGKDD international conference on Knowledge discovery and data mining
A scalable multi-level feature extraction technique to detect malicious executables

Information Systems Frontiers
Data mining methods for malware detection

Data mining methods for malware detection

Learning from socio-economic characteristics of IP geo-locations for cybercrime prediction

International Journal of Business Intelligence and Data Mining
Analyzing and defending against web-based malware

ACM Computing Surveys (CSUR)

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper presents a survey of data mining techniques for malware detection using file features. The techniques are categorized based upon a three tier hierarchy that includes file features, analysis type and detection type. File features are the features extracted from binary programs, analysis type is either static or dynamic, and the detection type is borrowed from intrusion detection as either misuse or anomaly detection. It provides the reader with the major advancement in the malware research using data mining on file features and categorizes the surveyed work based upon the above stated hierarchy. This served as the major contribution of this paper.