Malicious codes detection based on ensemble learning

Authors:
Boyun Zhang;Jianping Yin;Jingbo Hao;Dingxing Zhang;Shulin Wang
Affiliations:
School of Computer Science, National University of Defense Technology, Changsha, P.R. China and Department of Computer Science, Hunan Public Security College, Changsha, P.R. China;School of Computer Science, National University of Defense Technology, Changsha, P.R. China;School of Computer Science, National University of Defense Technology, Changsha, P.R. China;School of Computer Science, National University of Defense Technology, Changsha, P.R. China;School of Computer Science, National University of Defense Technology, Changsha, P.R. China
Venue:
ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing
Year:
2007

Citing 8
Cited 3

Dempster's rule of combination is #P-complete (research note)

Artificial Intelligence
Bagging predictors

Machine Learning
Speech and Language Processing: An Introduction to Natural Language Processing, Computational Linguistics, and Speech Recognition

Speech and Language Processing: An Introduction to Natural Language Processing, Computational Linguistics, and Speech Recognition
Ensembling neural networks: many could be better than all

Artificial Intelligence
Neural Network Ensembles

IEEE Transactions on Pattern Analysis and Machine Intelligence
Aggregation Algorithms for Neural Network Ensemble Construction

SBRN '02 Proceedings of the VII Brazilian Symposium on Neural Networks (SBRN'02)
Learning to detect malicious executables in the wild

Proceedings of the tenth ACM SIGKDD international conference on Knowledge discovery and data mining
Computational methods for a mathematical theory of evidence

IJCAI'81 Proceedings of the 7th international joint conference on Artificial intelligence - Volume 2

Detection of malicious code by applying machine learning classifiers on static features: A state-of-the-art survey

Information Security Tech. Report
Mal-ID: automatic malware detection using common segment analysis and meta-features

The Journal of Machine Learning Research
Malware detection by pruning of parallel ensembles using harmony search

Pattern Recognition Letters

Quantified Score

Hi-index	0.00

Visualization

Abstract

As malicious codes become more complex and sophisticated, the scanning detection method is no longer able to detect various forms of viruses effectively. In this paper, we explore solutions based on multiple classifiers fusion and not strictly dependent on certain malicious code. Motivated by the standard signature-based technique for detecting viruses, we explore the idea of automatically detecting malicious code using the n-gram analysis. After selecting features based on information gain, the probabilistic neural network is used in the process of building and testing the proposed multi-classifiers system. Each one of the individual classifiers is used to produce classification evidences. Then these evidences are combined by the Dempster-Shafer combination rules to form the final classification results for new malicious code. Experimental results produced by the proposed detection engine shows improvement compared to the classification results produced by the individual classifiers.