Mining frequent patterns without candidate generation
SIGMOD '00 Proceedings of the 2000 ACM SIGMOD international conference on Management of data
Fast Algorithms for Mining Association Rules in Large Databases
VLDB '94 Proceedings of the 20th International Conference on Very Large Data Bases
Objective-Oriented Utility-Based Association Mining
ICDM '02 Proceedings of the 2002 IEEE International Conference on Data Mining
Detection of injected, dynamically generated, and obfuscated malicious code
Proceedings of the 2003 ACM workshop on Rapid malcode
Learning to detect malicious executables in the wild
Proceedings of the tenth ACM SIGKDD international conference on Knowledge discovery and data mining
Static Analyzer of Vicious Executables (SAVE)
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Polymorphic Malicious Executable Scanner by API Sequence Analysis
HIS '04 Proceedings of the Fourth International Conference on Hybrid Intelligent Systems
IEEE Transactions on Pattern Analysis and Machine Intelligence
Data Mining: Concepts and Techniques
Data Mining: Concepts and Techniques
Introduction to Data Mining, (First Edition)
Introduction to Data Mining, (First Edition)
Data Mining: Practical Machine Learning Tools and Techniques, Second Edition (Morgan Kaufmann Series in Data Management Systems)
Static analysis of executables to detect malicious patterns
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
A comparison of methods for multiclass support vector machines
IEEE Transactions on Neural Networks
Intelligent file scoring system for malware detection from the gray list
Proceedings of the 15th ACM SIGKDD international conference on Knowledge discovery and data mining
A survey of data mining techniques for malware detection using file features
Proceedings of the 46th Annual Southeast Regional Conference on XX
A parameter-free hybrid clustering algorithm used for malware categorization
ASID'09 Proceedings of the 3rd international conference on Anti-Counterfeiting, security, and identification in communication
ISMCS: an intelligent instruction sequence based malware categorization system
ASID'09 Proceedings of the 3rd international conference on Anti-Counterfeiting, security, and identification in communication
An improved clustering validity index for determining the number of malware clusters
ASID'09 Proceedings of the 3rd international conference on Anti-Counterfeiting, security, and identification in communication
CIMDS: adapting postprocessing techniques of associative classification for malware detection
IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews
Journal of Intelligent Information Systems
Automatic malware categorization using cluster ensemble
Proceedings of the 16th ACM SIGKDD international conference on Knowledge discovery and data mining
Combining file content and file relations for cloud based malware detection
Proceedings of the 17th ACM SIGKDD international conference on Knowledge discovery and data mining
Graph-based malware detection using dynamic analysis
Journal in Computer Virology
A comparative study of malware family classification
ICICS'12 Proceedings of the 14th international conference on Information and Communications Security
Review: Classification of malware based on integrated static and dynamic features
Journal of Network and Computer Applications
HDM-Analyser: a hybrid analysis approach based on data mining techniques for malware detection
Journal in Computer Virology
Zero-day malware detection based on supervised learning algorithms of API call signatures
AusDM '11 Proceedings of the Ninth Australasian Data Mining Conference - Volume 121
Simseer and bugwise: web services for binary-level software similarity and defect detection
AusPDC '13 Proceedings of the Eleventh Australasian Symposium on Parallel and Distributed Computing - Volume 140
DroidLegacy: Automated Familial Classification of Android Malware
Proceedings of ACM SIGPLAN on Program Protection and Reverse Engineering Workshop 2014
| Hi-index | 0.00 |
The proliferation of malware has presented a serious threat to the security of computer systems. Traditional signature-based anti-virus systems fail to detect polymorphic and new, previously unseen malicious executables. In this paper, resting on the analysis of Windows API execution sequences called by PE files, we develop the Intelligent Malware Detection System (IMDS) using Objective-Oriented Association (OOA) mining based classification. IMDS is an integrated system consisting of three major modules: PE parser, OOA rule generator, and rule based classifier. An OOA_Fast_FP-Growth algorithm is adapted to efficiently generate OOA rules for classification. A comprehensive experimental study on a large collection of PE files obtained from the anti-virus laboratory of King-Soft Corporation is performed to compare various malware detection approaches. Promising experimental results demonstrate that the accuracy and efficiency of our IMDS system out perform popular anti-virus software such as Norton AntiVirus and McAfee VirusScan, as well as previous data mining based detection systems which employed Naive Bayes, Support Vector Machine (SVM) and Decision Tree techniques.