In recent years, millions of new malicious programs have been produced by a mature industry of malware production. These programs pose tremendous challenges to signature-based anti-virus products and great threats to network and information security. Machine learning techniques are applicable to detecting unknown malicious programs without knowing their signatures. In this paper, a Layered Detection (LD) method is developed to detect malware with a two-layer framework. The Low-Level-Classifiers (LLC) are employed to identify whether the programs perform any malicious functions according to the API calls of the programs. The Up-level-Classifier (ULC) is applied to detect malware according to the low-level function identification. The LD method is compared with many classical classification algorithms on comprehensive test datasets containing 16135 malware samples and 1800 benign programs. The experiments demonstrate that the LD method outperforms the other algorithms in terms of detection accuracy.