Title: Novel Feature Extraction, Selection and Fusion for Effective Malware Family Classification
Publication date: 2016
Authors: Ahmadi M; Ulyanov D; Semenov S; Trofimov M; Giacinto G
Language: English
Book title: Proceedings of the Sixth ACM on Conference on Data and Application Security and Privacy
ISBN: 9781450339353
Publisher: ACM
First page: 183
Last page: 194
Number of pages: 12
Digital Object Identifier (DOI): http://dx.doi.org/10.1145/2857705.2857713
Scopus identifier: 2-s2.0-84964884361
ISI identifier: WOS:000387921800027
Peer review: Anonymous experts
Conference name: Sixth ACM on Conference on Data and Application Security and Privacy
Conference dates: March 9-11, 2016
Conference location: New Orleans
Abstract: Modern malware is designed with mutation characteristics, namely polymorphism and metamorphism, which cause an enormous growth in the number of variants of malware samples. Categorization of malware samples on the basis of their behaviors is essential for the computer security community, because they receive a huge number of malware samples every day, and the signature extraction process is usually based on malicious parts characterizing malware families. Microsoft released a malware classification challenge in 2015 with a huge dataset of nearly 0.5 terabytes of data, containing more than 20K malware samples. The analysis of this dataset inspired the development of a novel paradigm that is effective in categorizing malware variants into their actual family groups. This paradigm is presented and discussed in the present paper, where emphasis has been given to the phases related to the extraction and selection of a set of novel features for the effective representation of malware samples. Features can be grouped according to different characteristics of malware behavior, and their fusion is performed according to a per-class weighting paradigm. The proposed method achieved a very high accuracy ($\approx$ 0.998) on the Microsoft Malware Challenge dataset.
Type: 4.1 Contribution in conference proceedings

Files in this record:
File Description Type License
p183-ahmadi.pdf  publisher's version Administrator
