The ever-growing malware threat in the cyber space calls for techniques that are more effective than widely deployed signature-based detection systems and more scalable than manual reverse engineering by forensic experts. To counter large volumes of malware variants, machine learning techniques have been applied recently for automated malware classification. Despite the successes made from these efforts, we still lack a basic understanding of some key issues, such as what features we should use and which classifiers perform well on malware data. Against this backdrop, the goal of this work is to explore discriminatory features for automated malware classification. We conduct a systematic study on the discriminative power of various types of features extracted from malware programs, and experiment with different combinations of feature selection algorithms and classifiers. Our results not only offer insights into what features most distinguish malware families, but also shed light on how to develop scalable techniques for automated malware classification in practice.