Title: A Malware Detection Algorithm Based on Multi-view Fusion
Authors: Guo, Shanqing; Yuan, Qixia; Lin, Fengbo; Wang, Fengyu; Ban, Tao
Corresponding author: Guo, S
Author affiliations: [Guo, Shanqing; Yuan, Qixia; Lin, Fengbo; Wang, Fengyu] Shandong Univ Jinan, Jinan 250101, Shandong, Peoples R China.; [Ban, Tao] Natl Inst Informat
Conference name: 17th International Conference on Neural Information Processing
Conference date: NOV 22-25, 2010
Source: NEURAL INFORMATION PROCESSING: MODELS AND APPLICATIONS, PT II
Publication year: 2010
Volume: 6444
Issue: PART 2
Pages: 259-266
DOI: 10.1007/978-3-642-17534-3_32
Keywords: Malware Detection; API Call Sequences; Multi-view Fusion; BKS Algorithm
Abstract: One of the major problems concerning information assurance is malicious code. In order to detect it, many existing run-time intrusion or malware detection techniques utilize information available in Application Programming Interface (API) call sequences to discriminate between benign and malicious processes. Although great progress has been made, new research results in ensemble learning make it possible to design better malware detection algorithms. This paper presents a novel approach to detecting malware using API call sequences. Based on the fact that the API call sequences of a piece of software show local properties when doing network, file I/O and other operations, we first divide the API call sequences of a malware sample into seven subsequences, and then use each subsequence to build a classification model. After these models are used to classify software, their outputs are combined using BKS, and the final fusion result is used to label whether a piece of software is malicious or not. Experiments show that our algorithm can detect known malware effectively.
Indexed in: CPCI-S; EI; SCOPUS
WOS Core citation count: 2
Scopus citation count: 2
Resource type: Conference paper; Journal article
Original link: https://www.scopus.com/inward/record.uri?eid=2-s2.0-78650227093&doi=10.1007%2f978-3-642-17534-3_32&partnerID=40&md5=ab4c2908cfd67f5d371d3dfabe7330d7