Discriminant malware distance learning on structuralinformation for automated malware classification

Authors:
Deguang Kong;Guanhua Yan
Affiliations:
University of Texas at Arlington, Arlington, TX, USA;Los Alamos National Lab, los alamos, NM, USA
Venue:
Proceedings of the ACM SIGMETRICS/international conference on Measurement and modeling of computer systems
Year:
2013

Citing 3
Cited 0

Data Mining Methods for Detection of New Malicious Executables

SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Learning to Detect and Classify Malicious Executables in the Wild

The Journal of Machine Learning Research
McBoost: Boosting Scalability in Malware Collection and Analysis Using Statistical Classification of Executables

ACSAC '08 Proceedings of the 2008 Annual Computer Security Applications Conference

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this work, we explore techniques that can automatically classify malware variants into their corresponding families. Our framework extracts structural information from malware programs as attributed function call graphs, further learns discriminant malware distance metrics, finally adopts an ensemble of classifiers for automated malware classification. Experimental results show that our method is able to achieve high classification accuracy.