标题：A Malware Detection Algorithm Based on Multi-view Fusion
作者：Guo, Shanqing; Yuan, Qixia; Lin, Fengbo; Wang, Fengyu; Ban, Tao
作者机构：[Guo, Shanqing; Yuan, Qixia; Lin, Fengbo; Wang, Fengyu] Shandong Univ Jinan, Jinan 250101, Shandong, Peoples R China.; [Ban, Tao] Natl Inst Informat 更多
会议名称：17th International Conference on Neural Information Processing
会议日期：NOV 22-25, 2010
来源：NEURAL INFORMATION PROCESSING: MODELS AND APPLICATIONS, PT II
关键词：Malware Detection; API Call Sequences; Multi-view Fusion; BKS Algorithm
摘要：One of the major problems concerning information assurance is malicious code. In order to detect them, many existing run-time intrusion or malware detection techniques utilize information available in Application Programming Interface (API) call sequences to discriminate between benign and malicious processes. Although some great progresses have been made, the new research results of ensemble learning make it possible to design better mal ware detection algorithm. This paper present a novel approach of detecting malwares using API call sequences. Basing on the fact that the API call sequences of a software show local property when doing network, file IO and other operations, we first divide the API call sequences of a malware into seven subsequences, and then use each subsequence to build a classification model. After these building models are used to classify software, their outputs are combined by using BKS and the final fusion results will be used to label whether a software is malicious or not. Experiments show that our algorithm can detect known malware effectively.