Knowledge discovery in databases: an overview
AI Magazine
Principles of data mining
Obfuscation of executable code to improve resistance to static disassembly
Proceedings of the 10th ACM conference on Computer and communications security
Detection of injected, dynamically generated, and obfuscated malicious code
Proceedings of the 2003 ACM workshop on Rapid malcode
Static Analyzer of Vicious Executables (SAVE)
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Host-based detection of worms through peer-to-peer cooperation
Proceedings of the 2005 ACM workshop on Rapid malcode
Learning to Detect and Classify Malicious Executables in the Wild
The Journal of Machine Learning Research
A Novel Face Hashing Method with Feature Fusion for Biometric Cryptosystems
ECUMN '07 Proceedings of the Fourth European Conference on Universal Multiservice Networks
BotHunter: detecting malware infection through IDS-driven dialog correlation
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Eureka: A Framework for Enabling Static Malware Analysis
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Detecting Java Theft Based on Static API Trace Birthmark
IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
A static API birthmark for Windows binary executables
Journal of Systems and Software
Malware Detection Based on Suspicious Behavior Identification
ETCS '09 Proceedings of the 2009 First International Workshop on Education Technology and Computer Science - Volume 02
RBACS: Rootkit Behavioral Analysis and Classification System
WKDD '10 Proceedings of the 2010 Third International Conference on Knowledge Discovery and Data Mining
CIMDS: adapting postprocessing techniques of associative classification for malware detection
IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews
Authorship Attribution for Twitter in 140 Characters or Less
CTC '10 Proceedings of the 2010 Second Cybercrime and Trustworthy Computing Workshop
The Seven Scam Types: Mapping the Terrain of Cybercrime
CTC '10 Proceedings of the 2010 Second Cybercrime and Trustworthy Computing Workshop
Towards Understanding Malware Behaviour by the Extraction of API Calls
CTC '10 Proceedings of the 2010 Second Cybercrime and Trustworthy Computing Workshop
Windows Rootkits: Attacks and Countermeasures
CTC '10 Proceedings of the 2010 Second Cybercrime and Trustworthy Computing Workshop
Data mining for credit card fraud: A comparative study
Decision Support Systems
Data Mining: Practical Machine Learning Tools and Techniques
Data Mining: Practical Machine Learning Tools and Techniques
Detecting self-mutating malware using control-flow graph matching
DIMVA'06 Proceedings of the Third international conference on Detection of Intrusions and Malware & Vulnerability Assessment
Fake File Detection in P2P Networks by Consensus and Reputation
IWCDM '11 Proceedings of the 2011 First International Workshop on Complexity and Data Mining
Analysis of Malicious and Benign Android Applications
ICDCSW '12 Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops
Analysis of firewall log-based detection scenarios for evidence in digital forensics
International Journal of Electronic Security and Digital Forensics
Zero-day malware detection based on supervised learning algorithms of API call signatures
AusDM '11 Proceedings of the Ninth Australasian Data Mining Conference - Volume 121
Identifying Cyber Predators through Forensic Authorship Analysis of Chat Logs
CTC '12 Proceedings of the 2012 Third Cybercrime and Trustworthy Computing Workshop
Malicious Code Detection Using Penalized Splines on OPcode Frequency
CTC '12 Proceedings of the 2012 Third Cybercrime and Trustworthy Computing Workshop
| Hi-index | 0.00 |
This paper describes our research in evaluating the use of supervised data mining algorithms for an effective detection of zero-day malware. Our aim is to design the tasks of certain popular types of supervised data mining algorithms for zero-day malware detection and compare their performance in terms of accuracy and efficiency. In this context, we propose and evaluate a novel method of employing such data mining techniques based on the frequency of Windows function calls. Our experimental investigations using large data sets to train the classifiers with a design tool to compare the performance of various data mining algorithms. Analysis of the results suggests the advantages of one data mining algorithm over the other for malware detection. Overall, data mining algorithms are employed with true positive rate as high as 98.5%, and low false positive rate of less than 0.025, indicating good applicability and future enhancements for detecting unknown and infected files with embedded stealthy malcode.