A Toolkit for Detecting and Analyzing Malicious Software
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Data Mining Methods for Detection of New Malicious Executables
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Learning to detect malicious executables in the wild
Proceedings of the tenth ACM SIGKDD international conference on Knowledge discovery and data mining
N-Gram-Based Detection of New Malicious Code
COMPSAC '04 Proceedings of the 28th Annual International Computer Software and Applications Conference - Workshops and Fast Abstracts - Volume 02
Visualizing windows executable viruses using self-organizing maps
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Static Analyzer of Vicious Executables (SAVE)
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Host-based detection of worms through peer-to-peer cooperation
Proceedings of the 2005 ACM workshop on Rapid malcode
A Feature Selection and Evaluation Scheme for Computer Virus Detection
ICDM '06 Proceedings of the Sixth International Conference on Data Mining
IMDS: intelligent malware detection system
Proceedings of the 13th ACM SIGKDD international conference on Knowledge discovery and data mining
A scalable multi-level feature extraction technique to detect malicious executables
Information Systems Frontiers
Data mining methods for malware detection
Data mining methods for malware detection
Learning from socio-economic characteristics of IP geo-locations for cybercrime prediction
International Journal of Business Intelligence and Data Mining
Analyzing and defending against web-based malware
ACM Computing Surveys (CSUR)
Hi-index | 0.00 |
This paper presents a survey of data mining techniques for malware detection using file features. The techniques are categorized based upon a three tier hierarchy that includes file features, analysis type and detection type. File features are the features extracted from binary programs, analysis type is either static or dynamic, and the detection type is borrowed from intrusion detection as either misuse or anomaly detection. It provides the reader with the major advancement in the malware research using data mining on file features and categorizes the surveyed work based upon the above stated hierarchy. This served as the major contribution of this paper.